1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Software
  5. JUNOSE 11.0.X IP SERVICES
  6. Configuration manual

Juniper JUNOSE 11.0.X IP SERVICES Configuration Manual page 350

For e series broadband services routers - ip services configuration
Hide thumbs
Table of Contents

Advertisement

JUNOSe 11.0.x IP Services Configuration Guide
NOTE: If you delete a mobile node host by using the no ip mobile host command,
all security associations that you configured for this host are deleted.
324
Configuring the Mobile IP Home Agent
Use to configure the security associations for a mobile node.
You must configure security associations only for mobile nodes on which local
authentication is configured.
To specify the mobile node, include the required nai keyword or the required
address keyword, as follows:
To specify the network access identifier (NAI) for the mobile node, include
the nai keyword. You must choose one of the following formats, where user
represents the user name and realm represents the domain name:
user@realm, @realm, or @.
To specify a nonzero home address of the mobile node, include the address
keyword followed by the IP address of the mobile node.
To specify the security parameter index (SPI) value to authenticate inbound
requests and permit authentication for outbound registration requests, include
the required spi keyword followed by a 4-octet hexadecimal number, in the
range 0x100–0xFFFFFFFF.
To specify the authentication key for this security association, include the required
key keyword followed by either the hex keyword or the ascii keyword, as follows:
To specify a hexadecimal key, use the hex keyword followed by a
32-character (128-bit) hexadecimal value in the range 0x0–0xFFFFFFFE.
To specify an ASCII key, use the ascii keyword followed by an alphanumeric
value up to a maximum of 16 characters (128 bits).
To specify the number of seconds by which a registration request can exceed
the time value configured on the home agent, include the optional replay
timestamp within keywords followed by the number of seconds, in the range
1–255; the default value is 7 seconds.
To specify the type of authentication algorithm for Mobile IP messages, include
the optional algorithm keyword followed by either the hmac-md5 keyword or
the keyed-md5 keyword.
Examples
host1(config)#ip mobile secure host 200.1.1.1 spi 0x398 key ascii w4ex
algorithm keyed-md5 replay timestamp within 225
or
host1(config)#ip mobile secure host nai @amazon.net spi 0x100 key ascii pD4En
algorithm keyed-md5 replay timestamp within 100
Use the no version to delete the security associations for the specified host on
the virtual router.
See ip mobile secure host.

Advertisement

Table of Contents
loading

Related Manuals for Juniper JUNOSE 11.0.X IP SERVICES

Related Products for Juniper JUNOSE 11.0.X IP SERVICES

This manual is also suitable for:

Junose 11.0.x

Table of Contents