Mkmsetoutboundah – AMX NI-2100/3100/4100 User Manual

Appendix A: IPSec Configuration File

136

NI Series WebConsole & Programming Guide

mkmSetOutboundAH

mkmSetOutboundAH

NAME

mkmSetOutboundAH – set the transform ID and key for an outbound AH SA

SYNOPSIS

mkmSetOutboundAH=cptr_value_string

DESCRIPTION This rule sets the transform ID and key for an outbound AH SA.

Rule Value:

cptr_value_string

A string formatted as follows:

saNumber,spi,ahTransformID,key

where
- saNumber is a unique unsigned integer specified by the user.
- spi is the decValue for the security parameter index, an unsigned long. SPI >255 and
SPI < SPI_BOUNDARY, which is defined as 2048.
- ahTransformID is:

MD5 | SHA | HMAC-MD5 | HMAC-SHA | HMAC-SHA2-256 | HMAC-SHA2-384 |

HMAC-SHA2-512 | HMAC-RIPEMD | AES-XCBC-MAC

Note that MD5 (deprecated) is equivalent to HMAC-MD5; SHA (deprecated) is equivalent to
HMAC-SHA.
- key is the authentication algorithm key in hexadecimal. It must be 32 characters for MD5; 40
characters for SHA; 64 characters for SHA2-256; 96 characters for SHA2-384; 128 charac-
ters for SHA2-512; and 40 characters for RIPEMD.
The traffic selectors for the transport or tunnel SA should be added before attempting to set
the transform and keys for the same Security Association (identified by SA Number).

EXAMPLES

mkmSetOutboundAH=0,258,HMAC-MD5,123456789ABCDEF0FEDCBA987654321

Config String
Format

saNumber.spi,ahTransformID,key