EasyManua.ls Logo

H3C MSR Series

H3C MSR Series
1187 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
604
In FIPS mode:
pre-shared-key { address { ipv4-address [ mask | mask-length ] | ipv6 ipv6-address
[ prefix-length ] } | hostname host-name } key [ cipher string ]
undo pre-shared-key { address { ipv4-address [ mask | mask-length ] | ipv6 ipv6-address
[ prefix-length ] } | hostname host-name }
Default
No pre-shared key is configured.
Views
IKE keychain view
Predefined user roles
network-admin
Parameters
address: Specifies a peer by its address.
ipv4-address: Specifies the IPv4 address of the peer.
mask: Specifies the mask in dotted decimal notation. The default mask is 255.255.255.255.
mask-length: Specifies the mask length in the range of 0 to 32. The default mask length is 32.
ipv6: Specifies an IPv6 peer.
ipv6-address: Specifies the IPv6 address of the peer.
prefix-length: Specifies the prefix length in the range of 0 to 128. The default prefix length is 128.
hostname host-name: Specifies a peer by its hostname, a case-sensitive string of 1 to 255
characters.
key: Specifies a pre-shared key.
cipher: Specifies a pre-shared key in encrypted form.
simple: Specifies a pre-shared key in plaintext form. For security purposes, the key specified in
plaintext form will be stored in encrypted form.
string: Specifies the pre-shared key. The key is case sensitive. In non-FIPS mode, its plaintext form
is a string of 1 to 128 characters and its encrypted form is a string of 1 to 201 characters. In FIPS
mode, its plaintext form is a string of 1 to 128 characters and its encrypted form is a string of 15 to
201 characters.
Usage guidelines
The address option or the hostname option specifies the peer with which the device can use the
pre-shared key to perform IKE negotiation.
Two peers must be configured with the same pre-shared key to pass pre-shared key authentication.
In FIPS mode, if you do not specify the cipher string option, you specify a plaintext pre-shared key in
interactive mode. The key is a case-sensitive string of 15 to 128 characters, and it must contain
uppercase and lowercase letters, digits, and special characters other than the question mark (?). In
non-FIPS mode, this command does not support configuring a pre-shared key in interactive mode.
Examples
# Create the IKE keychain key1 and enter IKE keychain view.
<Sysname> system-view
[Sysname] ike keychain key1
# Set the pre-shared key to be used for IKE negotiation with peer 1.1.1.2 to 123456TESTplat&!.

Table of Contents

Other manuals for H3C MSR Series

Preview: Manual
Manual33 pages
Preview: Probe Command Reference
Probe Command Reference28 pages
Preview: Configuration Guide
Configuration Guide80 pages
Preview: Troubleshooting Guide
Troubleshooting Guide28 pages
Preview: User Guide
User Guide26 pages

Related product manuals