Initiate [main | aggressive – ADTRAN 1000R Series User Manual

Command Reference Guide

IKE Policy Command Set

61200510L1-35E

Copyright © 2005 ADTRAN

1266

initiate [main | aggressive]

Use the initiate command to allow the IKE policy to initiate negotiation (in main mode or aggressive
mode) with peers. Use the no form of this command to allow the policy to respond only.

Syntax Description

main

Specifies to initiate using main mode. Main mode requires that each end of the
VPN tunnel has a static WAN IP address. Main mode is more secure than
aggressive mode because more of the main mode negotiations are encrypted.

aggressive

Specifies to initiate using aggressive mode. Aggressive mode can be used when
one end of the VPN tunnel has a dynamically assigned address. The side with the
dynamic address must be the initiator of the traffic and tunnel. The side with the
static address must be the responder.

Default Values

By default, the main initiation mode is enabled.

Applicable Platforms

This command applies to the NetVanta 300, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900
Series units.

Command History

Release 4.1

Command was introduced.

Functional Notes

By using the initiate and respond commands, you can configure the IKE policy to initiate and respond,
initiate only, or respond only. It is an error if you have both initiate and respond disabled.

Usage Examples

The following example enables the AOS device to initiate IKE negotiation in main mode:

(config-ike)#initiate main