ipsec Commands
ipsec connection descriptor modify
Changes a phase 2 (IPSec) security descriptor.
SYNTAX:
ipsec connection descriptor
modify
where:
name
crypto
keylen
integrity
pfs
lifetime_secs
lifetime_kbytes
encapsulation
E-DOC-CTC-20080409-0002 v2.0
name = <{AES_SHA1_TUN|AES_MD5_TUN|
AES_SHA1_PFS_TUN|AES_MD5_PFS_TUN|
DES_SHA1_TUN|DES_MD5_TUN|AES_SHA1_Adv_TUN|
NullEnc_SHA1_TUN}>
[crypto = <{DES|3DES|AES|NULL}>]
[keylen = <{0|128|192|256}>]
[integrity = <{HMAC-MD5|HMAC-SHA1}>]
[pfs = <{disabled|enabled}>]
[lifetime_secs = <number>]
[lifetime_kbytes = <number>]
[encapsulation = <{tunnel|transport}>]
Security descriptor profile to change.
Specify the crypto algorithm to use.
Specify the key length for the crypto algorithm.
Specify the integrity algorithm to use.
Enable/Disable perfect forward secrecy (PFS).
The lifetime expressed in seconds (Lifetime must
differ from 0 otherwise unset).
The lifetime expressed in kilobytes (Lifetime
must differ from 0 otherwise unset).
Transport or Tunnel mode.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
571