Table of Contents
Advertisement
4.3.3 Create a New Peer Security Descriptor
add command
Example
E-DOC-CTC-20051017-0169 v0.1
A new Peer Security Descriptor is created with the
add
command.
In the following example, a new Peer Security Descriptor is created, named
peerdes1
=>ipsec
[ipsec]=>peer
[ipsec peer]=>descriptor
[ipsec peer descriptor]=>add
name = peerdes1
:ipsec peer descriptor add name=peerdes1
[ipsec peer descriptor]=>
The result of this operation can be verified with the
[ipsec peer descriptor]=>
[ipsec peer descriptor]=>list
[AES_SHA1] : AES(128) SHA1 MODP1024 Lifetime 3600s
[AES_MD5] : AES(128) MD5 MODP1024 Lifetime 3600s
[3DES_SHA1] : 3DES SHA1 MODP1024 Lifetime 3600s
[3DES_MD5] : 3DES MD5 MODP1024 Lifetime 3600s
[DES_SHA1] : DES SHA1 MODP768 Lifetime 3600s
[DES_MD5] : DES MD5 MODP768 Lifetime 3600s
[AES_SHA1_Adv] : AES(256) SHA1 MODP1536 Lifetime 86400s
[peerdes1] :
[ipsec peer descriptor]=>
It is seen that the new descriptor, named "peerdes1", has been created but no
parameters are assigned yet.
Seven Peer Security Descriptors are pre-defined in the SpeedTouch™,
covering the most common settings. In total, up to 40 Security Descriptors
can be defined. This total includes both the
the
Connection
Security Descriptors (see
Descriptor" on page
Configuration via the Command Line Interface
ipsec peer descriptor
list
Peer
"4.5 Connection Security
127).
Chapter 4
command.
Security Descriptors and
115
Advertisement
Table of Contents
