key-string
Copyright © 2010, Juniper Networks, Inc.
The FQDN preceded by an optional user@ specification; this is also referred to as
user FQDN format
The FQDN and user FQDN identifiers are case-sensitive.
To ensure that the public key is associated with the correct remote peer, the router
requires an exact match for the identifier string. For example, a public key for user FQDN
mjones@sales.company_abc.com does not match a public key for FQDN
sales.company_abc.com.
From IPSec Peer Public Key Configuration mode, use the key-string command to enter
the peer public key data. For information about how to use this command, see
"key-string" on page 227.
Example 1—Enables you to configure the public key for a remote peer with IP address
192.168.50.10
host1(config)#ipsec key pubkey-chain rsa address 192.168.50.10
host1(config-peer-public-key)#
Example 2—Enables you to configure the public key for a remote peer with the FQDN
sales.company_xyz.com
host1(config)#ipsec key pubkey-chain rsa name sales.company_xyz.com
host1(config-peer-public-key)#
Example 3—Enables you to configure the public key for a remote peer with the FQDN
tsmith@sales.company_xyz.com
host1(config)#ipsec key pubkey-chain rsa name tsmith@sales.company_xyz.com
host1(config-peer-public-key)#
Use the no version to remove the peer public key from the router.
See ipsec key pubkey-chain rsa.
Use to manually enter a 1024-bit or 2048-bit public key for a remote peer with which
you want to establish IKE SAs.
The key string represents the public key hexadecimal data that includes the ASN.1
object identifier and sequence tags for RSA encryption.
Enter an alphanumeric key string with a maximum of 1999 characters.
You must use the same character (for example, " or x) at the beginning and end of the
string to delimit the key string. The delimiter character is case-sensitive and must not
occur anywhere else in the key string.
For information about the format of an RSA public key, see "Public Key Format" on
page 212.
Example 1—Configures the public key for a remote peer with IP address 192.168.50.10,
using " (double quotation marks) as the key string delimiter character
host1(config)#ipsec key pubkey-chain rsa address 192.168.50.10
host1(config-peer-public-key)#key-string "
Enter remainder of text message. End with the character '"'.