Ip Mobile Secure Host - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - COMMAND REFERENCE A TO M 2010-10-19 Command Reference Manual

ip mobile secure host

Syntax
Release Information
Description
Options
Copyright © 2010, Juniper Networks, Inc.
ip mobile secure host { nai { user@realm | @realm | @ } | ipAddress } spi spi
key { hex hexKeyVal | ascii asciiKeyVal } [ replay timestamp within seconds ]
[ algorithm { hmac-md5 | keyed-md5 } ]
no ip mobile secure host { nai { user@realm | @realm } | ipAddress } spi spi
key { hex hexKeyVal | ascii asciiKeyVal }
Command introduced in JunosE Release 9.0.0.
Configures the security associations for a mobile node. You can configure the security
associations for a mobile node only after configuring a corresponding host configuration
for the mobile node, and only if you have not configured the AAA service on the virtual
router. You can specify the interval within which a registration request can exceed the
home agent configured time value by specifying the replay timestamp within keyword.
The no version deletes the security associations for the specified host on the virtual router.
NOTE: If you delete a mobile node host by using the no ip mobile host
command, all security associations that you configured for this host are
deleted.
user@realm—Name of the user for the mobile node specification when the nai keyword
is specified, in the format user@realm, where realm is the domain name
@realm—Name of the user for the mobile node specification when the nai keyword is
specified, in the format @realm, where realm is the domain name
@—Name of the user for the mobile node specification when the nai keyword is
specified, in the format @
ip Address—IP address of the foreign agent
spi—Security parameter index (SPI) value, a specific 4-octet hexadecimal number, in
the range 0x100–0xFFFFFFFF, that authenticates inbound requests and permits
authentication for outbound registration requests
hexKeyVal—128-bit hexadecimal number, in the range 0x0–0xFFFFFFFE, that specifies
the authentication key for a specific security association
asciiKeyVal—128-bit alphanumeric value, up to a maximum of 16 characters, that
specifies the authentication key for a specific security association
seconds—Number of seconds, in the range 1–255, by which a registration request can
exceed the home agent configured time value; default value is 7 seconds
hmac-md5—Specifies the authentication algorithm for Mobile IP messages, default
value is hmac-md5
keyed-md5—Specifies the authentication algorithm for Mobile IP messages
Chapter 10: I Commands
853