IPsec Manual Policy Configuration
© Copyright Lenovo 2017
The following table describes the commands used to configure an IPsec manual
policy.
Table 326.
IPsec Manual Policy Options
Command Syntax and Usage
ipsec manualpolicy <1‐10>
Enter IPsec manual policy mode.
Command mode: Global configuration
inah authkey <key code (hexadecimal)>
Sets inbound Authentication Header (AH) authenticator key.
Note: For manual policies, when peering with a third‐party device, key
lengths are fixed to 20 characters for SHA1.
Command mode: IPsec manual policy
inah spi <256‐4294967295>
Sets the inbound Authentication Header (AH) Security Parameter Index (SPI).
Note: For manual policies, when peering with a third‐party device, key
lengths are fixed to 20 characters for SHA1.
Command mode: IPsec manual policy
inesp {authkey|cipherkey} <key code (hexadecimal)>
Sets the inbound Encapsulating Security Payload (ESP) authenticator key or
cipher key.
Note: For manual policies, when peering with a third‐party device, key
lengths are fixed to 8 characters for DES and to 24 characters for 3DES and
AES‐CBC encryption.
Command mode: IPsec manual policy
inesp spi <256‐4294967295>
Sets the inbound Encapsulating Security Payload (ESP) Security Parameter
Index (SPI).
Note: For manual policies, when peering with a third‐party device, key
lengths are fixed to 20 characters for SHA1.
Command mode: IPsec manual policy
outah authkey <key code (hexadecimal)>
Sets the outbound Authentication Header (AH) authenticator key.
Note: For manual policies, when peering with a third‐party device, key
lengths are fixed to 20 characters for SHA1.
Command mode: IPsec manual policy
Chapter 4: Configuration Commands
595