Table of Contents
Advertisement
Command Reference Guide
initiate
Use the initiate command to allow the Internet key exchange (IKE) policy to initiate negotiation (in main
mode or aggressive mode) with peers. Use the no form of this command to allow the policy to respond
only. Variations of this command include:
initiate aggressive
initiate main
Syntax Description
aggressive
main
Default Values
By default, the main initiation mode is enabled.
Command History
Release 4.1
Functional Notes
By using the initiate and respond commands, you can configure the IKE policy to initiate and respond,
initiate only, or respond only. It is an error if you have both initiate and respond disabled.
Usage Examples
The following example enables the AOS device to initiate IKE negotiation in main mode:
(config)#crypto ike policy 1
(config-ike)#initiate main
60000CRG0-35E
Specifies to initiate using aggressive mode. Aggressive mode can be used
when one end of the virtual private network (VPN) tunnel has a dynamically
assigned address. The side with the dynamic address must be the initiator
of the traffic and tunnel. The side with the static address must be the
responder.
Specifies to initiate using main mode. Main mode requires that each end of
the VPN tunnel has a static wide area network (WAN) IP address. Main
mode is more secure than aggressive mode because more of the main
mode negotiations are encrypted.
Command was introduced.
Copyright © 2012 ADTRAN, Inc.
IKE Policy Command Set
3961
Advertisement
Table of Contents
