Filter
Top Products
Chapter 4
Configuration via the Command Line Interface
E-DOC-CTC-20051017-0169 v0.1
132
4.5.3 Create a new Connection Security Descriptor
add command A new Connection Security Descriptor is created with the ipsec connection
descriptor add
command.
Example In the following example, a new Connection Security Descriptor is created, named
cnctdes1
The result of this operation can be verified with the
list command.
It is seen that the new descriptor, named “cnctdes1”, has been created.
[ipsec]=>connection
[ipsec connection]=>descriptor
[ipsec connection descriptor]=>add
name = cnctdes1
:ipsec connection descriptor add name=cnctdes1
[ipsec connection descriptor]=>
[ipsec connection descriptor]=>list
[AES_SHA1_TUN] : AES(128) HMAC-SHA1 Lifetime 86400s Tunnel Mode
[AES_MD5_TUN] : AES(128) HMAC-MD5 Lifetime 86400s Tunnel Mode
[AES_SHA1_PFS_TUN] : AES(128) HMAC-SHA1 PFS Lifetime 86400s Tunnel Mode
[AES_MD5_PFS_TUN] : AES(128) HMAC-MD5 PFS Lifetime 86400s Tunnel Mode
[3DES_SHA1_TUN] : 3DES HMAC-SHA1 Lifetime 86400s Tunnel Mode
[3DES_MD5_TUN] : 3DES HMAC-MD5 Lifetime 86400s Tunnel Mode
[3DES_SHA1_PFS_TUN] : 3DES HMAC-SHA1 PFS Lifetime 86400s Tunnel Mode
[3DES_MD5_PFS_TUN] : 3DES HMAC-MD5 PFS Lifetime 86400s Tunnel Mode
[DES_SHA1_TUN] : DES HMAC-SHA1 Lifetime 86400s Tunnel Mode
[DES_MD5_TUN] : DES HMAC-MD5 Lifetime 86400s Tunnel Mode
[AES_SHA1_Adv_TUN] : AES(256) HMAC-SHA1 PFS Lifetime 86400s Tunnel Mode
[3DES_SHA1_Adv_TUN] : 3DES HMAC-SHA1 PFS Lifetime 86400s Tunnel Mode
[NullEnc_SHA1_TUN] : NULL HMAC-SHA1 Lifetime 86400s Tunnel Mode
[cnctdes1] : Tunnel Mode
[ipsec connection descriptor]=>
Thirteen Connection Security Descriptors are pre-defined in the
SpeedTouch™, covering the most common settings. In total, up to 40
Security Descriptors can be defined. This total includes both the Peer
Security Descriptors and the Connection Security Descriptors.