EasyManuals Logo
Home>Siemens>Network Hardware>RUGGEDCOM ROX II

Siemens RUGGEDCOM ROX II User Manual

Siemens RUGGEDCOM ROX II
798 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #455 background imageLoading...
Page #455 background image
RUGGEDCOM ROX II
CLI User Guide
Chapter 12
Tunneling and VPNs
Managing Pre-Shared Keys 409
000 WARNING: Either virtual_private= is not specified, or there is a syntax
000 error in that line. 'left/rightsubnet=vhost:%priv' will not work!
000 WARNING: Disallowed subnets in virtual_private= is empty. If you have
000 private address space in internal use, it should be excluded!
000
000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64, keysizemax=64
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysizemax=192
000 algorithm ESP encrypt: id=11, name=ESP_NULL, ivlen=0, keysizemin=0, keysizemax=0
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=14, name=ESP_AES_CCM_A, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=15, name=ESP_AES_CCM_B, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0
000
000 algorithm IKE encrypt: id=0, name=(null), blocksize=16, keydeflen=131
000 algorithm IKE encrypt: id=3, name=OAKLEY_BLOWFISH_CBC, blocksize=8, keydeflen=128
000 algorithm IKE encrypt: id=65289, name=OAKLEY_TWOFISH_CBC_SSH, blocksize=16, keydeflen=128
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20
000 algorithm IKE hash: id=4, name=OAKLEY_SHA2_256, hashsize=32
000 algorithm IKE hash: id=6, name=OAKLEY_SHA2_512, hashsize=64
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000
000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0}
000
000 "ipsec-12": 192.168.22.0/24===192.168.12.2<192.168.12.2>[C=CA, ST=Ontario, O=RuggedCom,
CN=router2, E=router2@example.com,+S=C]...192.168.12.1<192.168.12.1>[C=CA, ST=Ontari o,
O=RuggedCom, CN=router1, E=router1@example.com,+S=C]===192.168.11.0/24; erouted; eroute owner: #2
000 "ipsec-12": myip=unset; hisip=unset; myup=ipsec _updown --route yes; hisup=ipsec _updown --
route yes; mycert=router2;
000 "ipsec-12": CAs: 'C=CA, ST=Ontario, O=RuggedCom, CN=CA, E=ca@example.com'...'%any'
000 "ipsec-12": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%;
keyingtries: 0
000 "ipsec-12": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW+lKOD+rKOD; prio: 24,24;
interface: switch.0012;
000 "ipsec-12": newest ISAKMP SA: #4; newest IPsec SA: #2;
000 "ipsec-12": IKE algorithm newest: AES_CBC_128-SHA1-MODP2048
000
000 #4: "ipsec-12":500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 106s; newest
ISAKMP; lastdpd=-1s(seq in:0 out:0); idle; import:admin initiate
000 #2: "ipsec-12":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 19349s;
newest IPSEC; eroute owner; isakmp#1; idle; import:admin initiate
000 #2: "ipsec-12" esp.edfbc8f8@192.168.12.1 esp.53ffca14@192.168.12.2 tun.0@192.168.12.1
tun.0@192.168.12.2 ref=0 refhim=4294901761
000
Section12.8.5
Managing Pre-Shared Keys
Pre-shared keys are used in secret key cryptography. For more information about secret key cryptography and pre-
shared keys, refer to Section12.8.1.3, “Public and Secret Key Cryptography”.
CONTENTS
Section12.8.5.1, “Viewing a List of Pre-Shared Keys”
Section12.8.5.2, “Adding a Pre-Shared Key”

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Siemens RUGGEDCOM ROX II and is the answer not in the manual?

Siemens RUGGEDCOM ROX II Specifications

General IconGeneral
BrandSiemens
ModelRUGGEDCOM ROX II
CategoryNetwork Hardware
LanguageEnglish

Related product manuals