4 set or modify the peer descriptor parameters, Modify command, Example – Nortel Networks 608(WL) User Manual

Chapter 4

Configuration via the Command Line Interface

E-DOC-CTC-20051017-0169 v0.1

116

4.3.4 Set or Modify the Peer Descriptor Parameters

modify command

The

ipsec peer descriptor modify

command sets or modifies the Peer

Security Descriptor parameters.

Example

In this example, the parameters of the previously defined Peer Security Descriptor
peerdes1 are set to the following values:



crypto = AES



keylen = 128



integrity = MD5



group = MODP1536



lifetime secs = 84600

[ipsec peer descriptor]=>modify
name = peerdes1
[crypto] =
DES

3DES

AES

[crypto] = AES
keylen =
128

192

256

keylen = 128
[integrity] =
MD5

SHA1

[integrity] = MD5
[group] =
MODP768

MODP1024

MODP1536

[group] = MODP1536
[lifetime_secs] = 84600
:IPSec peer descriptor modify name=peerdes1 crypto=AES keylen=128
integrity=MD5 group=MODP1536 lifetime_secs=84600
[ipsec peer descriptor]=>

The parameters of the pre-defined descriptors can also be changed with the
modify command. Use this feature for example if you want to change the
lifetime parameter only.

The descriptors must match at both peers in order to have a successful
outcome of the Phase 1 negotiation.