Filter
Top Products
Chapter 4
Configuration via the Command Line Interface
E-DOC-CTC-20051017-0169 v0.1
128
4.5.1 Connection Security Descriptor parameters
Parameters table The following table summarizes the parameters comprised in the connection
security descriptor. The table also indicates the keyword used in the CLI for each
parameter:
Example: A Connection Security Descriptor is a text string, comprising the parameters
described in the table above. An example is shown here:
Connection Descriptor
name [name]
This name is used internally to identify the Connection Descriptor.
Parameter Keyword Description
Connection Descriptor
name
name
Symbolic name to identify the
Descriptor.
Cryptographic function crypto
Cryptographic function to be used
for the IPSec Security Association.
Key length keylen
Length of the cryptographic key
for the AES encryption algorithm.
Hash function integrity
Hashing function used for
message authentication.
Perfect Forward Secrecy pfs
Selects the use of Perfect Forward
Secrecy.
IPSec SA lifetime lifetime_secs
The lifetime of the IPSec Security
Association. At expiration of this
period re-keying occurs.
IPSec SA volume
lifetime
lifetime_kbytes
The maximum data volume
transported before re-keying
occurs.
Encapsulation encaps
Selects the ESP encapsulation
mode.
AES(128) TUNNEL MODELifetime 86400sHMAC-SHA1
Cryptographic function
(key length)
Hash function IPsec SA lifetime Encapsulation
mode