Filter
Top Products
Appendix A: IPSec Configuration File
134
NI Series WebConsole & Programming Guide
mkmSetInboundAH
mkmSetInboundAH
NAME mkmSetInboundAH – set the transform ID and key for an inbound AH SA
SYNOPSIS mkmSetInboundAH=cptr_value_string
DESCRIPTION This rule sets the transform ID and key for an inbound AH SA.
Rule Value:
cptr_value_string
A string formatted as follows:
saNumber,spi,ahTransformID,key
where
- saNumber is a unique unsigned integer specified by the user.
- spi is the decValue for the security parameter index, an unsigned long. SPI >255 and
SPI < SPI_BOUNDARY, which is defined as 2048.
- ahTransformID is:
MD5 | SHA | HMAC-MD5 | HMAC-SHA | HMAC-SHA2-256 | HMAC-SHA2-384 |
HMAC-SHA2-512 | HMAC-RIPEMD | AES-XCBC-MAC
Note that MD5 (deprecated) is equivalent to HMAC-MD5; SHA (deprecated) is equivalent to
HMAC-SHA.
- key is the authentication algorithm key in hexadecimal. It must be 32 characters for MD5; 40
characters for SHA; 64 characters for SHA2-256; 96 characters for SHA2-384; 128 charac-
ters for SHA2-512; and 40 characters for RIPEMD.
The traffic selectors for the transport or tunnel SA should be added before attempting to set
the transform and keys for the same Security Association (identified by SA Number).
EXAMPLES mkmSetInboundAH=0,258,HMAC-MD5,123456789ABCDEF0FEDCBA987654321
Config String
Format
saNumber.spi,ahTransformID,key