Security
70
System Management Guide
3HE 11018 AAAC TQZZA Edition: 01
Optionally, each key can include an end time and tolerance.
Use the following CLI commands to configure a keychain:
CLI Syntax: config>system>security
keychain name
description description-string
direction
bi
entry entry-id [key authentication-
key | hash-key | hash2-key [hash
| hash2] algorithm algorithm]
begin-time [date] [hours-
minutes] [UTC]
tolerance {seconds | forever}
uni
receive
entry entry-id [key
authentication-key | hash-key
| hash2-key [hash | hash2]
algorithm algorithm]
begin-time [date] [hours-
minutes] [UTC]
tolerance {seconds |
forever}
send
entry entry-id [key
authentication-key | hash-key
| hash2-key [hash | hash2]
algorithm algorithm]
begin-time [date] [hours-
minutes] [UTC]
The following example displays a keychain configuration:
A:ALU-1>config>system>security># info detail
----------------------------------------------
...
keychain "ospf-md5"
description "MD5 keychain for OSPF interfaces"
tcp-option-number
send 254
receive 254
exit
direction
bi
entry 0 key "VyScMGuUfEQw9vxb9YWEG8oEeyRxTrGC.aFwWKzlO1E
" hash2 algorithm message-digest
no shutdown
begin-time 2016/06/01 00:00:00 UTC
no option
exit
To Next Page
Loading...
