Manualshelf

Mellanox MLNX-OS User Manual for SX1018HP Ethernet Managed Blade Switch

ManualsBrandsHP ManualsComputer AccessoriesMellanox SX1018HP Ethernet Switch for c-Class BladeSystem
281282283284285286287288289290
Rev 2.10
Mellanox Technologies
281
Mellanox Technologies Confidential
Syntax Description enable Enables IPSec peering.
ike Configures IPSec peering using IKE ISAKMP to man-
age SA keys. It has the following optional parameters:
auth: Configures the authentication algorithm for IPSec
peering
dh-group: Configures the phase1 Dif
fie-Hellman group
proposed for secure IKE key exchange
disable: Configures this IPSec peering administratively
disabled
encrypt: Configures the encryp
tion algorithm for IPSec
peering
exchange-mode: Configures the I
KE key exchange mode
to propose for peering
lifetime: Configures the SA l
ifetime to propose for this
IPSec peering
local-identity: Configures the ISAKMP payload identifi-
cation value to send as loca
l endpoint's identity
mode: Configures the peering mode for this IPSec peer-
ing
peer-identity: Configures the identification value to
m
atch against the peer's ISAKMP payload identification
pfs-group: Configures the phase2 PFS (Perfect Forward-
ing Secrecy) group to propose for Diffie-Hellman
exchange for this IPSec
peering
preshared-key: Configures the IKE pre-shared key for the
IPSec peering
prompt-preshared-key: Prompts for the pre-shared key,
ra
ther than entering it on the command line
transform-set: Configures transform proposal parameters
keying Configures key management for this IPSec peering:
auth: Configures the authentication algorithm for this
IPSec peering
disable: Configures this IPSec peering administratively
disabled
encrypt: Configures the encryption algorithm for this
IPSe
c peering
local-spi: Configures the loca
l SPI for this manual IPSec
peering
mode: Configures the peering mode for
this IPSec peer-
ing
remote-spi: Configures the remote SPI for this manual
IPSe
c peering
manual Configures IPSec peering using manual keys.
Default N/A
Configuration Mode Config
History 3.2.3000
Role admin
Example
switch (config)# crypto ipsec peer 10.10.10.10 local 10.7.34.139 enable
switch (config)#