Creating An Association - Qlogic SANbox 5802V Interface Manual

A

Creating an Association

To create an association, enter the
in the following example:
SANbox #> admin start
SANbox (admin) #> ipsec edit
SANbox (admin-ipsec) #> ipsec association create h2h-sh-sa
A list of attributes with formatting will follow.
Enter a value or simply press the ENTER key to skip specifying a value.
If you wish to terminate this process before reaching the end of the list
press 'q' or 'Q' and the ENTER key to do so.
Required attributes are preceded by an asterisk.
Value (press ENTER to not specify value, 'q' to quit):
Description
*SourceAddress
*DestinationAddress (hostname, IPv4, or IPv6 Address)
*Protocol
*SPI
Authentication
*AuthenticationKey
*Encryption
*EncryptionKey
The security association has been created.
This configuration must be saved with the 'ipsec save' command
before it can take effect, or to discard this configuration
use the 'ipsec cancel' command.
59263-01 A
(string value, 0-127 bytes)
(hostname, IPv4, or IPv6 Address)
(1=esp, 2=esp-old, 3=ah, 4=ah-old)
(decimal value, 256-4294967295)
(select an authentication algorithm)
1=hmac-md5 (16 byte key)
2=hmac-sha1 (20 byte key)
3=hmac-sha256 (32 byte key)
4=aes-xcbc-mac (16 byte key)
authentication algorithm choice
(quoted string or raw hex bytes)
(select an encryption algorithm)
1=des-cbc (8 byte key)
2=3des-cbc (24 byte key)
3=null (0 byte key)
4=blowfish-cbc (5-56 byte key)
5=aes-cbc (16/24/32 byte key)
6=twofish-cbc (16-32 byte key)
encryption algorithm choice
(quoted string or raw hex bytes)
Ipsec Association Create command as shown
: Host-to-host: switch->host
: fe80::2c0:ddff:fe03:d4c1
: fe80::250:daff:feb7:9d02
: 1
: 333
: 2
: "12345678901234567890"
: 2
: "123456789012345678901234"
4 – Network Configuration
Managing IP Security
4-15