JUNOSe 11.1.x Command Reference Guide A to M
ipsec key manual pre-share
[ no ] ipsec key manual pre-share { ipAddress | ip address ipAddress | identity fqdn
Syntax
| local-ip-address localIpAddress [ remote-ip-address remoteIpAddress ] }
Command introduced before JUNOSe Release 7.1.0.
Release Information
local-ip-address and remote-ip-address keywords added in JUNOSe Release 7.3.0.
localIpAddress and remoteIpAddress variables added in JUNOSe Release 7.3.0.
Specifies a preshared key for a remote peer, indexed by remote IP or remote identity.
Description
It can also specify a preshared key which is indexed by the local ip / remote IP pair
for use in specific pairings or in group preshared keys (remote is wildcard 0.0.0.0).
Manually configured keys are used during the tunnel establishment phase when the
ISAKMP/IKE policy specifies preshared key authentication.
You can identify the remote peer by either IP address or fully qualified domain name
(FQDN). The no version deletes a preshared key.
NOTE: You must enter this command in the virtual router context where the IP
address or FQDN of the peer is defined.
Options
Global Configuration
Mode
1002
ipsec key manual pre-share
ipAddress Address of the peer for which the key can be used
fqdn Fully qualified domain name of the peer for which the key can be used;
a maximum of 80 characters
localIpAddress Address of the local peer for which the key can be used
remoteIpAddress Address of the remote peer for which the key can be used