To Next Page

To Previous Page

604

In FIPS mode:

pre-shared-key { address { ipv4-address [ mask | mask-length ] | ipv6 ipv6-address

[ prefix-length ] } | hostname host-name } key [ cipher string ]

undo pre-shared-key { address { ipv4-address [ mask | mask-length ] | ipv6 ipv6-address

[ prefix-length ] } | hostname host-name }

Default

No pre-shared key is configured.

Views

IKE keychain view

Predefined user roles

network-admin

Parameters

address: Specifies a peer by its address.

ipv4-address: Specifies the IPv4 address of the peer.

mask: Specifies the mask in dotted decimal notation. The default mask is 255.255.255.255.

mask-length: Specifies the mask length in the range of 0 to 32. The default mask length is 32.

ipv6: Specifies an IPv6 peer.

ipv6-address: Specifies the IPv6 address of the peer.

prefix-length: Specifies the prefix length in the range of 0 to 128. The default prefix length is 128.

hostname host-name: Specifies a peer by its hostname, a case-sensitive string of 1 to 255

characters.

key: Specifies a pre-shared key.

cipher: Specifies a pre-shared key in encrypted form.

simple: Specifies a pre-shared key in plaintext form. For security purposes, the key specified in

plaintext form will be stored in encrypted form.

string: Specifies the pre-shared key. The key is case sensitive. In non-FIPS mode, its plaintext form

is a string of 1 to 128 characters and its encrypted form is a string of 1 to 201 characters. In FIPS

mode, its plaintext form is a string of 1 to 128 characters and its encrypted form is a string of 15 to

201 characters.

Usage guidelines

The address option or the hostname option specifies the peer with which the device can use the

pre-shared key to perform IKE negotiation.

Two peers must be configured with the same pre-shared key to pass pre-shared key authentication.

In FIPS mode, if you do not specify the cipher string option, you specify a plaintext pre-shared key in

interactive mode. The key is a case-sensitive string of 15 to 128 characters, and it must contain

uppercase and lowercase letters, digits, and special characters other than the question mark (?). In

non-FIPS mode, this command does not support configuring a pre-shared key in interactive mode.

Examples

# Create the IKE keychain key1 and enter IKE keychain view.

<Sysname> system-view

[Sysname] ike keychain key1

# Set the pre-shared key to be used for IKE negotiation with peer 1.1.1.2 to 123456TESTplat&!.

Other manuals for H3C MSR Series

Manual33 pages

Probe Command Reference28 pages

Configuration Guide80 pages

Troubleshooting Guide28 pages

User Guide26 pages

Questions and Answers:

Need help?

Do you have a question about the H3C MSR Series and is the answer not in the manual?

H3C MSR Series Specifications

General

Category	Network Router
IPv6 Support	Yes
Dimensions	Varies by model
Weight	Varies by model
Product Type	Modular Router
Ports	Varies by model
WAN Interfaces	Varies by model
Firewall	Yes
QoS	Yes
Wireless Support	Varies by model
USB Ports	Varies by model
Console Port	Yes
Power Supply	Varies by model
Redundancy	Varies by model
Operating Temperature	0°C to 45°C
Storage Temperature	-40°C to 70°C
Humidity	5% to 95% non-condensing
Series	MSR
Certifications	CE, FCC, RoHS