Cisco Cisco Packet Data Interworking Function (PDIF)
HA Service Configuration Mode Commands
▀ fa-ha-spi
▄ Command Line Interface Reference, StarOS Release 16
6074
fa-ha-spi
Configures the security parameter index (SPI) for specific HA service parameters.
Product
HA
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > HA Service Configuration
configure > context context_name > ha-service service_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-ha-service)#
Syntax
fa-ha-spi remote-address { fa_ip_address | fa_ip_address_mask } spi-number number {
encrypted secret enc_secret | secret secret } [ allow-fa-ha-auth-extension ] [
description string ] [ disallow-fa-ha-auth-extension ] [ hash-algorithm { hmac-md5 | md5
| rfc2002-md5 } ] [ replay-protection { nonce | timestamp [ timestamp-tolerance tolerance
] } ] [ timestamp-tolerance tolerance ]
encrypted secret enc_secret | secret secret } [ allow-fa-ha-auth-extension ] [
description string ] [ disallow-fa-ha-auth-extension ] [ hash-algorithm { hmac-md5 | md5
| rfc2002-md5 } ] [ replay-protection { nonce | timestamp [ timestamp-tolerance tolerance
] } ] [ timestamp-tolerance tolerance ]
no fa-ha-spiremote-address { ha_ip_address | ha_ip_address/mask } spi-number number
no
Disables the security parameter index (SPI) for specific HA service parameters.
remote-address { fa_ip_address | fa_ip_address/mask }
Specifies the IP address of the FA.
fa_ip_address
is entered using IPv4 dotted-decimal notation with
CIDR for the subnet mask.
Important:
The system supports unlimited peer FA addresses per HA but only maintains statistics for a
maximum of 8,192 peer FAs. If more than 8,192 FAs are attached, older statistics are overwritten.
spi-number
number
Specifies the SPI (number) which indicates a security context between the FA and the HA in accordance with
RFC 2002.
RFC 2002.
number
is an integer value from 256 through 4294967295.
encrypted secret
enc_secret
|
secret
secret
Configures the shared-secret between the HA service and the FA. The secret can be either encrypted or non-
encrypted.
encrypted.
encrypted secret
enc_secret
: Specifies the encrypted shared key between the HA service and the FA.
enc_secret
must be an alphanumeric string of 1 through 236 characters that is case sensitive.