Cisco Cisco Packet Data Gateway (PDG)
fa-ha-spi
Configures the security parameter index (SPI) for specific HA service parameters.
Product
HA
Privilege
Security Administrator, Administrator
Command Modes
Exec > Global Configuration > Context Configuration > HA Service Configuration
configure > context context_name > ha-service service_name
Entering the above command sequence results in the following prompt:
[
context_name
]
host_name
(config-ha-service)#
Syntax Description
fa-ha-spi remote-address { fa_ip_address | fa_ip_address_mask } spi-number number { encrypted secret
enc_secret | secret secret } [ allow-fa-ha-auth-extension ] [ description string ] [
disallow-fa-ha-auth-extension ] [ hash-algorithm { hmac-md5 | md5 | rfc2002-md5 } ] [ replay-protection
{ nonce | timestamp [ timestamp-tolerance tolerance ] } ] [ timestamp-tolerance tolerance ]
no fa-ha-spiremote-address { ha_ip_address | ha_ip_address/mask } spi-number number
no
Disables the security parameter index (SPI) for specific HA service parameters.
remote-address { fa_ip_address | fa_ip_address/mask }
Specifies the IP address of the FA. fa_ip_address is entered using IPv4 dotted-decimal notation with CIDR
for the subnet mask.
for the subnet mask.
The system supports unlimited peer FA addresses per HA but only maintains statistics for a maximum of
8,192 peer FAs. If more than 8,192 FAs are attached, older statistics are overwritten.
8,192 peer FAs. If more than 8,192 FAs are attached, older statistics are overwritten.
Important
spi-number number
Specifies the SPI (number) which indicates a security context between the FA and the HA in accordance with
RFC 2002.
RFC 2002.
number is an integer value from 256 through 4294967295.
Command Line Interface Reference, Modes G - H, StarOS Release 19
1254
HA Service Configuration Mode Commands
fa-ha-spi