Manualshelf

Concept Guide

ManualsBrandsDell ManualsAccess PlatformsW-Series 304/305 Access Points
611612613614615616617618619620
master-redundancy peer-ip
master-redundancy peer-ip <ipaddr>
ipsec <key>
ipsec-custom-cert master-mac <mac> ca-cert <ca> server-cert <cert> [suite-b gcm-128|gcm-
256]
ipsec-factory-cert master-mac <mac>
Description
This command configures the IP address and preshared key or certificate for a redundant master controller on
another master controller.
Syntax
Parameter Description
<ipaddr>
IP address of the redundant controller. Use the 0.0.0.0 address to configure a
global preshared key for all inter-controller communications.
ipsec <key>
To establish the master-master IPsec tunnel using IKEv1, enter a preshared
key between 6-64 characters.
ipsec-custom-cert
Use a custom-installed certificate on the controller to establish the master-
master IPsec tunnel using IKEv2
master-mac <mac>
The MAC address of the certificate on the redundant master controller.
ca-cert <ca>
User-defined name of a trusted CA certificate installed on the redundant
master controller. Use the show crypto-local pki TrustedCA command to
display the CA certificates that have been imported into the controller.
server-cert <cert>
User-defined name of a server certificate installed on on the redundant
master controller. Use the show crypto-local pki ServerCert command to
display the server certificates that have been imported into the controller.
suite-b
If you configure your master controllers to use IKEv2 and custom-installed
certificates, you can optionally use Suite-B cryptographic algorithms for IPsec
encryption. Specify one of the following options:
l gcm-128 Use 128-bit AES-GCM Suite-B encryption
l gcm-256 Use 256-bit AES-GCM Suite-B encryption
ipsec-factory-cert
Use the factory-installed certificate on the master controller to establish a
master-local IPsec tunnel using IKEv2.
master-mac <mac>
The MAC address of the certificate on the redundant master controller.
Usage Guidelines
Use this command on a master controller to configure the IP address and preshared key or certificates for
communication with a redundant master controller.
Dell Networking W-Series ArubaOS 6.5.x | Reference Guide master-redundancy peer-ip | 619