Priority (Ike Keychain View) - HP FlexNetwork MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
Parameters
address: Specifies a peer by its address.
ipv4-address: Specifies the IPv4 address of the peer.
mask: Specifies the mask in dotted decimal notation. The default mask is 255.255.255.255.
mask-length: Specifies the mask length in the range of 0 to 32. The default mask length is 32.
ipv6: Specifies an IPv6 peer.
ipv6-address: Specifies the IPv6 address of the peer.
prefix-length: Specifies the prefix length in the range of 0 to 128. The default prefix length is 128.
hostname host-name: Specifies a peer by its hostname, a case-sensitive string of 1 to 255
characters.
key: Specifies a pre-shared key.
cipher: Specifies a pre-shared key in encrypted form.
simple: Specifies a pre-shared key in plaintext form. For security purposes, the key specified in
plaintext form will be stored in encrypted form.
string: Specifies the pre-shared key. The key is case sensitive. In non-FIPS mode, its plaintext form
is a string of 1 to 128 characters and its encrypted form is a string of 1 to 201 characters. In FIPS
mode, its plaintext form is a string of 1 to 128 characters and its encrypted form is a string of 15 to
201 characters.
Usage guidelines
The address option or the hostname option specifies the peer with which the device can use the
pre-shared key to perform IKE negotiation.
Two peers must be configured with the same pre-shared key to pass pre-shared key authentication.
In FIPS mode, if you do not specify the cipher string option, you specify a plaintext pre-shared key in
interactive mode. The key is a case-sensitive string of 15 to 128 characters, and it must contain
uppercase and lowercase letters, digits, and special characters other than the question mark (?). In
non-FIPS mode, this command does not support configuring a pre-shared key in interactive mode.
Examples
# Create the IKE keychain key1 and enter IKE keychain view.
<Sysname> system-view
[Sysname] ike keychain key1
# Set the pre-shared key to be used for IKE negotiation with peer 1.1.1.2 to 123456TESTplat&!.
[Sysname-ike-keychain-key1] pre-shared-key address 1.1.1.2 255.255.255.255 key simple
123456TESTplat&!
Related commands
authentication-method
keychain
priority (IKE keychain view)
Use priority to specify a priority for an IKE keychain.
Use undo priority to restore the default.
Syntax
priority priority
undo priority
547
Advertisement
