Configuring the Local Authentication Attributes for the Mobile Node

You specify for each mobile node several attributes that enable authentication of registration requests from the node. These attributes include security association context for the peering relationship, the entity type of the node, the encryption algorithm and key used to authenticate the request, and replay protection.

To configure authentication attributes for the mobile node:

1. Configure the peer entity for the security parameter.

   [edit services mobile-ip]

   user@host# set peer ip-address 10.4.2.20 spi 500 entity-type mobility-agent

2. Configure the algorithm used for authenticating Mobile IP messages. By default, the hmac-md5 algorithm is used.

   [edit services mobile-ip]

   user@host# set peer ip-address 10.4.2.20 spi 500 algorithm md5

3. Configure the authentication key for the security association, in either HEX or ASCII format.

   [edit services mobile-ip]

   user@host# set peer ip-address 10.4.2.20 spi 500 key ascii xf125j9m

4. Configure a timestamp tolerance for registration replay protection or specify that the timestamp tolerance be taken from the value configured on the home agent.

   [edit services mobile-ip]

   user@host# set peer ip-address 10.4.2.20 spi 500 replay-method timestamp tolerance 250

Related Topics

• Configuring Mobile IP
• algorithm
• entity-type
• key
• peer
• replay-method
• spi