You are here: Home > CLI Commands > Just_CLI_Topics > crypto-local isakmp key

crypto-local isakmp key

crypto-local isakmp {key <keystring>|key-hex <keystring>}

address <peer-address> netmask <mask>

addressv6 <peer-addressv6>

fqdn <ike-id-fqdn>

fqdn-any

Description

This command configures the IKEInternet Key Exchange. IKE is a key management protocol used with IPsec protocol to establish a secure communication channel. IKE provides additional feature, flexibility, and ease of configuration for IPsec standard. preshared key for site-to-site VPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two..

Syntax

Parameter

Description

key <keystring>

IKEInternet Key Exchange. IKE is a key management protocol used with IPsec protocol to establish a secure communication channel. IKE provides additional feature, flexibility, and ease of configuration for IPsec standard. preshared key value, between 6-64 characters.

To configure a pre-shared key that contains non-alphanumeric characters, surround the key with quotation marks. For example: crypto-local isakmp key “key with spaces” fqdn-any.

key-hex <keystring>

IKEInternet Key Exchange. IKE is a key management protocol used with IPsec protocol to establish a secure communication channel. IKE provides additional feature, flexibility, and ease of configuration for IPsec standard. preshared key value, between 6-64 hex-based characters.

To configure a pre-shared key that contains non-alphanumeric characters, surround the key with quotation marks.

address <peer-address>

IP address for the preshared key.

netmask <mask>

NetmaskNetmask is a 32-bit mask used for segregating IP address into subnets. Netmask defines the class and range of IP addresses. for the preshared key.

addressv6 <peer-addressv6>

IPv6 address for the preshared key.

fqdn <ike-id-fqdn>

Configures the PSKPre-shared key. A unique shared secret that was previously shared between two parties by using a secure channel. This is used with WPA security, which requires the owner of a network to provide a passphrase to users for network access. for the specified FQDNFully Qualified Domain Name. FQDN is a complete domain name that identifies a computer or host on the Internet..

fqdn-any

Configures the PSKPre-shared key. A unique shared secret that was previously shared between two parties by using a secure channel. This is used with WPA security, which requires the owner of a network to provide a passphrase to users for network access. for any FQDNFully Qualified Domain Name. FQDN is a complete domain name that identifies a computer or host on the Internet..

Usage Guidelines

This command configures the IKEInternet Key Exchange. IKE is a key management protocol used with IPsec protocol to establish a secure communication channel. IKE provides additional feature, flexibility, and ease of configuration for IPsec standard. preshared key.

Example

The following command configures an IKEInternet Key Exchange. IKE is a key management protocol used with IPsec protocol to establish a secure communication channel. IKE provides additional feature, flexibility, and ease of configuration for IPsec standard. preshared key for site-to-site VPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.:

(host) [mynode] (config) #crypto-local isakmp key R8nD0mK3y address 172.16.100.1 netmask 255.255.255.255

Command History

Version

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

Licensing

Command Mode

All platforms

Base operating system.

Config mode on Mobility Master.

/*]]>*/