JUNOSe 9.1.x Command Reference Guide A to M > I Commands > ipsec key manual pre-share

ipsec key manual pre-share

Description: 

Specifies a preshared key for a remote peer, indexed by remote IP or remote identity. It can also specify a preshared key which is indexed by the local ip / remote IP pair for use in specific pairings or in group preshared keys (remote is wildcard 0.0.0.0).

Manually configured keys are used during the tunnel establishment phase when the ISAKMP/IKE policy specifies preshared key authentication.

You can identify the remote peer by either IP address or fully qualified domain name (FQDN). The no version deletes a preshared key.

NOTE: You must enter this command in the virtual router context where the IP address or FQDN of the peer is defined.

Syntax: 

[ no ] ipsec key manual pre-share { ipAddress | ip address ipAddress | identity fqdn | local-ip-address localIpAddress [ remote-ip-address remoteIpAddress ] }

• ipAddress—Address of the peer for which the key can be used
• fqdn—Fully qualified domain name of the peer for which the key can be used; a maximum of 80 characters
• localIpAddress—Address of the local peer for which the key can be used
• remoteIpAddress—Address of the remote peer for which the key can be used

Mode(s): 

Global Configuration

    Release Information    Command introduced before JUNOSe Release 7.1.0.
local-ip-address and remote-ip-address keywords added in JUNOSe Release 7.3.0.
localIpAddress and remoteIpAddress variables added in JUNOSe Release 7.3.0.