ZyXEL Communications n/a Modem User Manual


 
Chapter 14 IPSec Commands
DSL & IAD CLI Reference Guide
91
ipsec config dnsServer <ip-address> Sets the DNS server IP address to assign to remote users.
ipsec config antiReplay <Yes|No> Enables or disables the replay detection.
ipsec config keyManage <0:IKE|1:Manual> Sets the rule to use IKE (ISAKMP) or manual key
management.
ipsec config ike negotiationMode <0:Main
| 1:Aggressive>
Sets the negotiation mode.
ipsec config ike authMethod
<0:PreSharedKey|1:RSASignature>
Sets the authentication method.
ipsec config ike certificate
<certificate-name>
Specifies the certificate the ZyXEL Device uses for
authentication.
ipsec config ike preShareKey
<ascii|0xhex>
Sets the pre-shared key.
ascii | 0xhex: Enter characters in ASCII or in
hexadecimal format. The minimum length is 8.
ipsec config ike p1EncryAlgo
<0:DES|1:3DES|2:AES>
Sets the phase 1 encryption algorithm.
ipsec config ike p1EncryKeyLen
<0:128|1:192|2:256
Sets the phase 1 encryption key length.
ipsec config ike p1AuthAlgo
<0:MD5|1:SHA1>
Sets the phase 1 authentication algorithm.
ipsec config ike p1SaLifeTime <seconds> Sets the phase 1 IPSec SA life time.
ipsec config ike p1KeyGroup <0:DH1|1:DH2> Sets the phase 1 IKE SA key group.
ipsec config ike activeProtocol
<0:AH|1:ESP>
Sets the active protocol.
ipsec config ike p2EncryAlgo
<0:Null|1:DES|2:3DES|3:AES>
Sets the phase 2 encryption algorithm.
ipsec config ike p2EncryKeyLen
<0:128|1:192|2:256
Sets the phase 2 encryption key length.
ipsec config ike p2AuthAlgo
<0:MD5|1:SHA1>
Sets the phase 2 authentication algorithm.
ipsec config ike p2SaLifeTime <seconds> Sets the phase 2 IPSec SA life time.
ipsec config ike encap
<0:Tunnel|1:Transport>
Sets the encapsulation mode.
ipsec config ike pfs <0:None|1:DH1|2:DH2> Sets Perfect Forward Secrecy for phase 2.
ipsec config manual activeProtocol
<0:AH|1:ESP>
Sets the protocol the manual key rule uses.
ipsec config manual ah encap
<0:Tunnel|1:Transport>
Sets the encapsulation mode when using AH protocol in
the manual rule.
ipsec config manual ah spi <decimal> Sets the SPI information when using AH protocol in the
manual rule.
decimal: The maximum length is 9.
ipsec config manual ah authAlgo
<0:MD5|1:SHA1
Sets the authentication algorithm when using AH protocol
in the manual rule.
ipsec config manual ah authKey <ascii> Sets the authentication key when using AH protocol in the
manual rule.
Table 34 IPSec Commands (continued)
COMMAND DESCRIPTION