ZyXEL Communications 3.1 Security Camera User Manual


  Open as PDF
of 386
 
Chapter 17 IPSec VPN
ZyWALL (ZLD) CLI Reference Guide
147
17.2.3 IPSec SA Commands (for Manual Keys)
This table lists the additional commands for IPSec SAs using manual keys (VPN connections using
manual keys).
17.2.4 VPN Concentrator Commands
This table lists the commands for the VPN concentrator.
Table 73 crypto map Commands: IPSec SAs (Manual Keys)
COMMAND DESCRIPTION
crypto map map_name
set session-key {ah <256..4095>
auth_key | esp <256..4095> [cipher
enc_key] authenticator auth_key}
Sets the active protocol, SPI (<256..4095>), authentication key and
encryption key (if any).
auth_key: You can use any alphanumeric characters or
,;|`~!@#$%^&*()_+\{}':./<>=-".
The length of the key depends on
the algorithm.
md5 - 16-20 characters
sha - 20 characters
sha256 - 32 characters
sha512 - 64 characters
enc_key: You can use any alphanumeric characters or
,;|`~!@#$%^&*()_+\{}':./<>=-". The length of the key depends on
the algorithm.
des - 8-32 characters
3des - 24-32 characters
aes128 - 16-32 characters
aes192 - 24-32 characters
aes256 - 32 characters
If you want to enter the key in hexadecimal, type “0x” at the beginning
of the key. For example, "0x0123456789ABCDEF" is in hexadecimal
format; in “0123456789ABCDEF” is in ASCII format. If you use
hexadecimal, you must enter twice as many characters.
The ZyWALL automatically ignores any characters above the minimum
number of characters required by the algorithm. For example, if you
enter
1234567890XYZ for a DES encryption key, the ZyWALL only
uses
12345678. The ZyWALL still stores the longer key.
local-ip ip Sets the local gateway address to the specified IP address.
peer-ip ip Sets the remote gateway address to the specified IP address.
Table 74 vpn-concentrator Commands: VPN Concentrator
COMMAND DESCRIPTION
show vpn-concentrator [profile_name] Shows the specified VPN concentrator or all VPN concentrators.
[no] vpn-concentrator profile_name Creates the specified VPN concentrator if necessary and enters sub-command
mode. The
no command deletes the specified VPN concentrator.
 previous next