471
HTYnE2RDHXkhPGR5FGJsZnd21XLvd2BEkGGmhTk80nDeiI2XH3D48E6UahQwcam/
q/txd/KsLnp0rpJkc/WhOTprioeLQQEBayixKRWzNLsZt3L6lqYbA01Z1THho+EV
0Ng0EZKQyiRV1j7gsBYFRinbSAsIpeYlr7gDAnBCRJdSfPNBKG+ewg==
-----END RSA PRIVATE KEY-----
^C
Please input the password:
# Create the GDOI KS group ks2.
[KS2] gdoi ks group
# Configure the group ID as 12345.
[KS2-gdoi-ks-group-ks2] identity number 12345
# Reference the key pair rsa1.
[KS2-gdoi-ks-group-ks2] rekey authentication public-key rsa rsa1
# Reference the rekey ACL forrekey.
[KS2-gdoi-ks-group-ks2] rekey acl name forrekey
# Create an IPsec policy.
[KS2-gdoi-ks-group-ks2] ipsec 10
# Reference the IPsec profile fortek.
[KS2-gdoi-ks-group-ks2-ipsec-10] profile fortek
# Reference the ACL fortek.
[KS2-gdoi-ks-group-ks2-ipsec-10] security acl name fortek
[KS2-gdoi-ks-group-ks2-ipsec-10] quit
# Specify the peer KS 100.1.1.100.
[KS2-gdoi-ks-group-ks2] peer address 100.1.1.100
# Specify the source address of sent packets as 200.2.2.200.
[KS2-gdoi-ks-group-ks2]source address 200.2.2.200
# Specify the local priority as 10000.
[KS2-gdoi-ks-group-ks2] local priority 100
# Enable GDOI KS redundancy.
[KS2-gdoi-ks-group-ks2] redundancy enable
Configuring GM 1
# Configure IP addresses for interfaces. (Details not shown.)
# Create IKE proposal 1.
<GM1> system-view
[GM1] ike proposal 1
# Specify the encryption algorithm AES-CBC 128 for the IKE proposal.
[GM1-ike-proposal-1] encryption-algorithm aes-cbc 128
# Specify the authentication algorithm SHA1 for the IKE proposal.
[GM1-ike-proposal-1] authentication-algorithm sha
# Specify DH group2 for the IKE proposal.
[GM1-ike-proposal-1] dh group2
[GM1-ike-proposal-1] quit
# Create IKE peer toks1.
[GM1] ike peer toks1
# Reference IKE proposal 1 for the IKE peer.
To Next Page
Loading...
Need help?
General
