Cisco Cisco Packet Data Interworking Function (PDIF)
FA Service Configuration Mode Commands
▀ isakmp
▄ Command Line Interface Reference, StarOS Release 18
5076
isakmp
Configures support for IPSec within the FA-service.
Product
PDSN
ASN-GW
GGSN
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > FA Service Configuration
configure > context context_name > fa-service service_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-fa-service)#
Syntax
isakmp {peer-ha ha_address { crypto map map_name [ [ encrypted ] secret secret ] } |
default { crypto map map_name [ [ encrypted ] secretsecret ] } }
default { crypto map map_name [ [ encrypted ] secretsecret ] } }
no isakmp { peer-ha peer_ip_address | default }
no
Deletes the reference to the crypto map for the specified HA, or deletes the reference for the default crypto
map.
map.
peer-ha ha_address
{
crypto map
map_name
[ [
encrypted ]
secret
preshared_secret
] }
Configures a crypto map for a peer HA.
ha_address
: The IP address of the HA with which the FA service will establish an IPSec SA. The
address must be expressed in IPv4 dotted-decimal format.
crypto map
map_name
: The name of a crypto map configured in the same context that defines the
IPSec tunnel properties.
map_name
is the name of the crypto map expressed as an alphanumeric
string of 1 through 127 characters.
encrypted
: This keyword is intended only for use by the system while saving configuration scripts.
The system displays the
encrypted
keyword in the configuration file as a flag that the variable
following the
secret
keyword is the encrypted version of the plain text secret key. Only the
encrypted secret key is saved as part of the configuration file.
secret secret
: The pre-shared secret that will be used during the IKE negotiation.
preshared_secret
is the secret expressed as an alphanumeric string of 1 through 127 characters.
default { crypto map
map_name
[ [ encrypted ]
secret
secret
] }
Specifies the default crypto map to use when there is no matching crypto map configured for an HA address.