Cisco Cisco Packet Data Gateway (PDG) Guía Para Resolver Problemas
HA Service Configuration Mode Commands
▀ isakmp
▄ Cisco ASR 5000 Series Command Line Interface Reference
OL-22948-01
isakmp
Configures the crypto map for a peer HA and configures the default crypto map for the FA service.
Product
HA
Privilege
Security Administrator, Administrator
Syntax
Deletes the reference to the crypto map for the specified HA, deletes the reference for the default crypto map,
resets the skew-lifetime to the default, or resets the aaa-context to the default.
resets the skew-lifetime to the default, or resets the aaa-context to the default.
Configures a crypto map for a peer FA.
: IP address of the peer FA to which this IPSEC SA will be established.
: The name of a crypto map configured in the same context that defines the
IPSec tunnel properties.
is the name of the crypto map and can be from 1 to 127 alpha
and/or numeric characters.
: This keyword is intended only for use by the chassis while saving configuration scripts.
The system displays the
keyword in the configuration file as a flag that the variable
following the
keyword is the encrypted version of the plain text secret key. Only the
encrypted secret key is saved as part of the configuration file.
: The pre-shared secret that will be used to during the IKE negotiation.
is
the secret string and can be from 1 to 127 alpha and/or numeric characters.
Default: 10 seconds
Configures the IKE pre-shared key‘s time skew.
Configures the IKE pre-shared key‘s time skew.
is the amount of time the IKE S key fetched from AAA is considered valid after the key has expired. It
is measured in seconds and can be configured to any integer value from 1 to 65535.
Default: The context in which the service is configured
Configures the name of the context on the system in which AAA functionality is performed.
context_name is the name of the context through which the HA service accesses the HAAA server to fetch
the IKE S Key and S Lifetime parameters. The name must be from 1 to 79 alpha and/or numeric characters
and is case sensitive.
Configures the name of the context on the system in which AAA functionality is performed.
context_name is the name of the context through which the HA service accesses the HAAA server to fetch
the IKE S Key and S Lifetime parameters. The name must be from 1 to 79 alpha and/or numeric characters
and is case sensitive.
Usage
Use this command to configure the FA-service‘s per-HA IPSec parameters. These dictate how the HA service
is to establish an IPSec SA with the specified FA.
is to establish an IPSec SA with the specified FA.