Dell POWEREDGE M1000E User Manual
Page 511
Fabric OS Command Reference
483
53-1002746-01
ipSecConfig
2
-tag name
Specifies a name for the SA. This is a user-generated name. The name must
be between 1 and 32 characters in length, and may include alphanumeric
characters, dashes (-), and underscores (_). This operand is required.
-protocol ah | esp
Specifies the IPSec protocol. Encapsulating Security Payload (ESP)
provides confidentiality, data integrity and data source authentication of IP
packets, and protection against replay attacks. Authentication Header (AH)
provides data integrity, data source authentication, and protection against
replay attacks but, unlike ESP, does not provide confidentiality. This operand
is required.
-auth algorithm
Specifies the authentication algorithm. This operand is required. Valid
algorithms include the following:
hmac_md5
MD5 authentication algorithm
hmac_sha1
SHA1 authentication algorithm
-enc algorithm
Specifies the encryption algorithm. This operand is required. Valid algorithms
include the following:
3des_cbc
3DES encryption algorithm
blowfish_cbc
Blowfish encryption algorithm
null_enc
Null encryption algorithm
aes256_cb
AES-256 algorithm
-spi number
Specifies the security parameter index (SPI) for the SA. This is a user-defined
index. Valid SPI numbers consist of numeric characters (0-9). This operand is
optional.
policy ike
Creates or modifies an IKE policy configuration. No subtype is required with this
command. The command defines the following IKE policy parameters: IKE
version, IP address of the remote entity, IP address of the local entity, encryption
algorithm, hash algorithm, PRF algorithm, DH group, authentication method, path
and filename of the preshared key. The syntax is as follows: ipsecConfig --add |
--modify ike arguments.
arguments
Valid arguments for policy ike include the following:
-tag name
Specifies a name for the IKE policy. This is a user-generated name. The
name must be between 1 and 32 characters in length, and may include
alphanumeric characters, dashes (-), and underscores (_). This operand is
required.
remote IP_address[/prefixlength]
Specifies the peer IPv4 or IPv6 address and prefix.