HP FlexNetwork MSR Series Command Reference Manual page 607
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
[Sysname-ikev2-keychain-key1] peer peer2
# Configure asymmetric plaintext pre-shared keys. The key for certificate signing is 11-key-a
and the key for certificate authentication is 111-key-b.
[Sysname-ikev2-keychain-key1-peer-peer2] pre-shared-key local plaintext 111-key-a
[Sysname-ikev2-keychain-key1-peer-peer2] pre-shared-key remote plaintext 111-key-b
•
On the responder:
# Create an IKEv2 keychain named telecom.
<Sysname> system-view
[Sysname] ikev2 keychain telecom
# Create an IKEv2 peer named peer1.
[Sysname-ikev2-keychain-telecom] peer peer1
# Configure the symmetric plaintext pre-shared key 111-key.
[Sysname-ikev2-keychain-telecom-peer-peer1] pre-shared-key plaintext 111-key
[Sysname-ikev2-keychain-telecom-peer-peer1] quit
# Create an IKEv2 peer named peer2.
[Sysname-ikev2-keychain-telecom] peer peer2
# Configure asymmetric plaintext pre-shared keys. The key for certificate signing is 11-key-b
and the key for certificate authentication is 111-key-a.
[Sysname-ikev2-keychain-telecom-peer-peer2] pre-shared-key local plaintext
111-key-b
[Sysname-ikev2-keychain-telecom-peer-peer2] pre-shared-key remote plaintext
111-key-a
Related commands
ikev2 keychain
peer
prf
Use prf to specify pseudo-random function (PRF) algorithms for an IKEv2 proposal.
Use undo prf to restore the default.
Syntax
In non-FIPS mode:
prf { aes-xcbc-mac | md5 | sha1 | sha256 | sha384 | sha512 } *
undo prf
In FIPS mode:
prf { sha1 | sha256 | sha384 | sha512 } *
undo prf
Default
An IKEv2 proposal uses the integrity protection algorithms as the PRF algorithms.
Views
IKEv2 proposal view
Predefined user roles
network-admin
589
Advertisement
