Filter
Top Products
Appendix A: IPSec Configuration File
117
NI Series WebConsole & Programming Guide
ikeAddPeerAuth (Cont.)
EXAMPLES Using a pre-shared key for IPv4:
ikeAddPeerAuth=100.100.100.4,100.100.100.1,mm_grp2,NOPFS,PSK,
thisisatest
Using a pre-shared key for IPv6:
ikeAddPeerAuth=3ffe:2::2,3ffe:1::2,mm_grp2,NOPFS,PSK,thisisatest
Using certificates for IPv4:
ikeAddPeerAuth=192.168.1.36,192.168.1.35,ph1_g1_1,NOPFS,RSA,
local_key.key,mypassword,local_cert.crt,PEER_CERT,peer_cert.crt
ikeAddPeerAuth=192.168.1.36,192.168.1.35,ph1_g1_1,NOPFS,RSA,
local_key.key,mypassword,local_cert.crt
ikeAddPeerAuth=192.168.1.36,192.168.1.35,ph1_g1_1,NOPFS,RSA,
local_key.key,NOPASS,local_cert.crt
Config String
Format
peerIpAddress,interfaceIpAddress,proposalName,authenticationMethod,
authenticationInfo
Pre-defined
proposal
names
The following are proposal names already defined inside the AMX Firmware and available for
use in the ikeAddPeerAuth configuration:
mm_g2=mm_3des_sha,mm_3des_md5,mm_des_sha,mm_des_md5
Attributes: DHGROUP=G2, LIFETIME=28800 sec
mm_g1=mm_3des_sha,mm_3des_md5,mm_des_sha,mm_des_md5\n"
Attributes: DHGROUP=G1, LIFETIME=28800 sec
mm_prop=mm_des_md5
Attributes: DHGROUP=G2, LIFETIME=300 sec
mm_prop1= mm_des_md5
Attributes: DHGROUP=G2, LIFETIME=3600 sec
Additional IKE proposals and attributes can be created with the next two API’s.