JUNOSe 11.1.x IP Services Configuration Guide
NOTE: This command replaces "ipsec isakmp-policy-rule" on page 226 , which may
be removed completely in a future release.
ipsec isakmp-policy-rule
NOTE: This command has been replaced by "ipsec ike-policy-rule" on page 225 and
may be removed completely in a future release.
ipsec key generate
ipsec key zeroize
226
Configuring Digital Certificates Using the Offline Method
See ipsec ike-policy-rule.
Use to define an ISAKMP/IKE policy.
When you enter the command, you include a number that identifies the policy
and assigns a priority to the policy. You can number policies in the range
1–10000, with 1 having the highest priority.
Example
host1(config)#ipsec isakmp-policy-rule 3
host1(config-ike-policy)#
Use the no version to remove policies. If you do not include a priority number
with the no version, all policies are removed.
See ipsec isakmp-policy-rule.
Use to generate RSA key pairs. Include a length of either 1024 or 2048 bits. The
generated keys can be used only after the CA issues a certificate for them.
Example
host1(config)#ipsec key generate rsa 2048
Please wait.................................................
..........................
IPsec Generate Keys complete
There is no no version. To remove a key pair, use the ipsec key zeroize
command.
See ipsec key generate.
Use to delete RSA key pairs. Include one of the following keywords:
rsa Removes the RSA key pair from the router
pre-share Removes all preshared keys from the router
all Removes all keys within the VR context from the router
Example