HP ProCurve 7102dl Reference Manual page 351
Secure router sros command line interface
Hide thumbs
Also See for ProCurve 7102dl:
- Configuration manual (1114 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
SROS Command Line Interface Reference Guide
Global Configuration Mode Command Set
john@myemail.com
Example for fqdn:
*.domain.com
will match:
www.domain.com
ftp.domain.com
one.www.domain.com
The address remote ID can be in the form of a single host address or in the form of an IP address
wildcard.
Example for address type:
crypto ike remote id address 10.10.10.0 0.0.0.255
will match:
10.10.10.1
10.10.10.2
and all IP addresses in the form of 10.10.10.X (where X is 0-255)
The asn1-dn <WORD> line can include wildcard characters. The wildcard characters are "*" for a 0 or
more character match and "?" for a single character match. Currently, the "?" cannot be set up using the
CLI, but it can be transferred to the unit via the startup-config.
Example for typical asn1-dn format with no wildcards:
crypto ike remote-id asn1-dn "CN=MyRouter, C=US, S=CA, L=Roseville, O-HP, OU=TechSupport"
(matches only remote ID strings with all fields exactly the same)
Example for typical asn1-dn format with wildcards used to match a string within a field:
crypto ike remote-id asn1-dn "CN=*, C=*, S=*, L=*, O=*, OU=*"
(matches any asn1-dn remote ID string from a peer)
Example for typical asn1-dn format with wildcards used to match a portion of the remote ID:
crypto ike remote-id asn1-dn "CN=*, C=US, S=CA, L=Roseville, O=HP, OU=*"
(matches any remote ID string with the same values for the C, S, L, and O fields, and any values in the CN and
OU fields)
Example for typical asn1-dn format with wildcards used to match a portion of a field:
crypto ike remote-id asn1-dn "CN=My*, C=US, S=CA, L=Roseville, O=HP, OU=TechSupport"
(matches remote ID strings with all fields exactly the same, but with any CN field beginning with "My")
Usage Examples
The following example assigns a remote ID of 63.97.45.57 and associates the pre-shared key mysecret
with the remote ID:
ProCurve(config)#crypto ike remote-id address 63.97.45.57 preshared-key mysecret
5991-2114
© Copyright 2007 Hewlett-Packard Development Company, L.P.
349
Advertisement
Chapters
Table of Contents
