[an error occurred while processing this directive][an error occurred while processing this directive]

replay-method

Syntax

replay-method (none | timestamp seconds);

Hierarchy Level

[edit logical-systems logical-system-name services mobile-ip peer ip-address address spi hexadecimal-value].[edit logical-systems logical-system-name services mobile-ip peer nai@domain spi hexadecimal-value].[edit logical-systems logical-system-name routing-instances routing-instances-name services mobile-ip peer ip-address address spi hexadecimal-value].[edit logical-systems logical-system-name routing-instances routing-instances-name services mobile-ip peer nai@domain spi hexadecimal-value].[edit routing-instances routing-instances-name services mobile-ip peer ip-address address spi hexadecimal-value].[edit routing-instances routing-instances-name services mobile-ip peer nai@domain spi hexadecimal-value],[edit services mobile-ip peer ip-address address spi hexadecimal-value],[edit services mobile-ip peer nai@domain spi hexadecimal-value]

Release Information

Statement introduced in JUNOS Release 9.3.

Support at the [edit logical-systems logical-system-name services mobile-ip peer ip-address address spi hexadecimal-value], [edit logical-systems logical-system-name services mobile-ip peer nai@domain spi hexadecimal-value], [edit logical-systems logical-system-name routing-instances routing-instances-name services mobile-ip peer ip-address address spi hexadecimal-value], [edit logical-systems logical-system-name routing-instances routing-instances-name services mobile-ip peer nai@domain spi hexadecimal-value], [edit routing-instances routing-instances-name services mobile-ip peer ip-address address spi hexadecimal-value], and [edit routing-instances routing-instances-name services mobile-ip peer nai@domain spi hexadecimal-value] hierarchy levels added in JUNOS Release 9.5.

Description

Configure the replay protection method. The Identification field enables the home agent to verify that a registration message has been recently generated by the mobile node, rather than replayed by an attacker from a previous registration. You can specify a timestamp tolerance for the mobile node, which causes the request to be rejected if the tolerance is exceeded, or you can specify that the tolerance be taken from the value configured on the home agent.

Default

If you do not configure the replay protection method, then the timestamp tolerance is taken from the home agent by default.

Options

none—Timestamp tolerance is obtained from the setting configured for the home agent

timestamp seconds—Tolerance time in which a registration request timestamp and the local time of the home agent can differ.

Range: 1 through 255 seconds

Required Privilege Level

system—To view this statement in the configuration.

system-control—To add this statement to the configuration.


Published: 2010-04-15

[an error occurred while processing this directive]