set session-key

OcNOS-SP : System Management Guide : System Management Command Reference : OSPFv3 IPSec Authentication Commands : set session-key

set session-key

Use this command to define IPSec keys for security associations via ipsec-manual crypto map entries.

When you define multiple IPSec session keys within a single crypto map, you can assign the same security parameter index (SPI) number to all the keys. The SPI is used to identify the security association used with the crypto map.

Session keys at one peer must match the session keys at the remote peer.

Command syntax

set session-key (inbound|outbound) esp SPI cipher HEX-KEY-DATA authenticator HEX-KEY-DATA

no set session-key (inbound|outbound) esp SPI

Parameters

inbound

Sets the inbound IPSec session key. Both inbound and outbound keys must be set.

outbound

Sets the outbound IPSec session key. Both inbound and outbound keys must be set.

esp

Sets the IPSec session key for the Encapsulation Security Protocol.

SPI

Specifies the security parameter index (SPI), a number that is used to uniquely identify a security association.

cipher

Indicates that the key string is to be used with the ESP encryption.

HEX-KEY-DATA

Specifies the session key in hexadecimal format.

authenticator

Indicates that the key string is to be used with the ESP authentication.

Default

None

Command Mode

Crypto map sequence mode

Applicability

This command is introduced in OcNOS version 6.0.0

Examples

#configure terminal

(config)#crypto map MAP1 ipsec-manual

(config-crypto)#sequence 1

(config-crypto-seq)#set session-key outbound esp 200 cipher 123456781234567812345678123456781234567812345678 authenticator 123456781234567812345678

(config-crypto-seq)#set session-key inbound esp 200 cipher 123456781234567812345678123456781234567812345678 authenticator 123456781234567812345678

Last modified date: 08/28/2023