IPSEC_IKE_PEER_GENERATE_POLICY_UNKNOWNIPSEC_IKE_PEER_GENERATE_POLICY_OFFIPSEC_IKE_PEER_GENERATE_POLICY_ONIPSEC_IKE_PEER_GENERATE_POLICY_UNIQUEIPSEC_IKE_PEER_NAT_TRAVERSAL_UNKNOWNIPSEC_IKE_PEER_NAT_TRAVERSAL_OFFIPSEC_IKE_PEER_NAT_TRAVERSAL_ONIPSEC_IKE_PEER_NAT_TRAVERSAL_FORCESTATE_DISABLEDSTATE_ENABLEDIPSEC_IKE_PEER_CERT_TYPE_UNKNOWNIPSEC_IKE_PEER_CERT_TYPE_NONEIPSEC_IKE_PEER_CERT_TYPE_CERTFILEIPSEC_IKE_EXCHANGE_MODE_UNKNOWNIPSEC_IKE_EXCHANGE_MODE_AGGRESSIVEIPSEC_IKE_EXCHANGE_MODE_MAINIPSEC_DIFFIE_HELLMAN_GROUP_UNKNOWNIPSEC_DIFFIE_HELLMAN_GROUP_MODP768IPSEC_DIFFIE_HELLMAN_GROUP_MODP1024IPSEC_DIFFIE_HELLMAN_GROUP_MODP1536IPSEC_DIFFIE_HELLMAN_GROUP_MODP2048IPSEC_DIFFIE_HELLMAN_GROUP_MODP3072IPSEC_DIFFIE_HELLMAN_GROUP_MODP4096IPSEC_DIFFIE_HELLMAN_GROUP_MODP6144IPSEC_DIFFIE_HELLMAN_GROUP_MODP8192IPSEC_IKE_ENCR_ALG_UNKNOWNIPSEC_IKE_ENCR_ALG_DESIPSEC_IKE_ENCR_ALG_3DESIPSEC_IKE_ENCR_ALG_BLOWFISHIPSEC_IKE_ENCR_ALG_CAST128IPSEC_IKE_ENCR_ALG_AES128IPSEC_IKE_ENCR_ALG_AES192IPSEC_IKE_ENCR_ALG_AES256IPSEC_IKE_ENCR_ALG_CAMELLIAIPSEC_IKE_PEER_TYPE_UNKNOWNIPSEC_IKE_PEER_TYPE_ADDRESSIPSEC_IKE_PEER_TYPE_FQDNIPSEC_IKE_PEER_TYPE_USER_FQDNIPSEC_IKE_PEER_TYPE_KEYID_TAGIPSEC_IKE_PEER_TYPE_ASN1DNIPSEC_AUTH_METHOD_UNKNOWNIPSEC_AUTH_METHOD_PRE_SHARED_KEYIPSEC_AUTH_METHOD_RSA_SIGNATUREIPSEC_IKE_HASH_ALG_UNKNOWNIPSEC_IKE_HASH_ALG_MD5IPSEC_IKE_HASH_ALG_SHA1IPSEC_IKE_HASH_ALG_SHA256IPSEC_IKE_HASH_ALG_SHA384IPSEC_IKE_HASH_ALG_SHA512
Gets the names for all IPsec IKE peers.
Creates a set of IPsec IKE peers
Deletes a set of IPsec IKE peers.
Deletes all IPsec IKE peers.
Sets the description for the IPsec IKE peers.
This is an arbitrary field which can be used for any purpose.
Gets descriprion for each specified IPsec IKE peer.
Sets IPsec IKE peer modes for list of IPsec IKE peers.
Gets IPsec IKE peer modes for a list of IPsec IKE peers.
Sets the IPsec IKE peer remote BIG-IP system IP addresses
for a list of IPsec IKE peers.
Gets the IPsec IKE peer remote IP address for a list of IPsec IKE peers.
Sets the IPsec IKE peer lifetimes of an IKE security association
that will be proposed in the phase 1 negotiation for
a list of IPsec IKE peers.
Gets the IPsec IKE peer lifetimes of an IKE security association that
will be proposed in the phase 1 negotiation for a list of IPsec IKE peers.
Sets the IPsec IKE peer identifier types sent to the remote host
to use in the phase 1 negotiation for a list of IPsec IKE peers.
Gets the IPsec IKE peer identifier types sent to the remote host
to use in the phase 1 negotiation for a list of IPsec IKE peers.
Sets the IPsec IKE peer identifier values sent to the remote host
to use in the phase 1 negotiation for a list of IPsec IKE peers.
Gets the IPsec IKE peer identifier values sent to the remote
host to use in the phase 1 negotiation for a list of
IPsec IKE peers.
Sets the peer identifier types that can be used in the phase 1
negotiation for a list of IPsec IKE peers.
Gets the peer identifier types that can be used in the phase 1
negotiation for a list of IPsec IKE peers.
Sets the IPsec IKE peer identifier value to be received
for a list of IPsec IKE peers.
Gets the peer identifier values for a list of IPsec IKE peers.
Sets the state to passive for a set of IPsec IKE peers.
Set this to enable, if you do not want to be the initiator of
the IKE negotiation with this IKE peer.
Gets the passive state for a set of IPsec IKE peers.
Sets the IPsec IKE peer state to verify the peer's certificate
for a set of IPsec IKE peers.
Gets the IPsec IKE peer state of verify_certificate for
a set of IPsec IKE peers.
Sets the IPsec IKE peer certificate types for a list of IPsec IKE peers.
Gets the IPsec IKE peer certification types for a list of IPsec IKE peers.
Sets the IPsec IKE peer generate policy option.
Gets the IPsec IKE peer generate policy option.
Sets the IPsec IKE peer NAT traversal option.
Gets the IPsec IKE peer NAT traversal option.
Sets the IPsec IKE peer state to enable or disable. If you set the state
to disable, the IKE peer is completely disabled.
Gets the IPsec IKE peer state.
Sets the IPsec IKE peer proxy support to enable or disable.
Setting proxy support to enable gives the IKE peer the
ability to work over a proxy.
Gets IPsec IKE peer proxy support states.
Sets the name of ssl-crt file object for the certificate file
for each of the specified IPsec IKE peers.
Gets the name of the ssl-crt file object for the BIG-IP certificate file
for each IPsec IKE peer.
Sets the name of the ssl-key file object for the certificate file
for each IPsec IKE peer.
Gets the name of the ssl-key file object for the BIG-IP certificate file
for each IPsec IKE peer.
Sets the file object name of the root certificate authority (CA)
for each IPsec IKE peer.
Gets the file object name of the root certificate authority (CA)
for each IPsec IKE peer.
Sets the peer certificate file object name. If the peer certificate file
is defined, the isakmp daemon ignores the CERT payload from the peer,
and uses this certificate as the peer's certificate.
Gets the peer certificate file name.
Sets the IKE proposal name.
Gets the IKE proposal name.
Sets the IKE phase 1 authentication method.
Defines the authentication method used for
the phase 1 negotiation. Possible values are:
pre-shared-key and rsa-signature. Use
rsa-signature if using X.509 certificates.
Gets the IKE phase 1 authentication method.
Sets the IKE phase 1 hash algorithm.
Defines the hash algorithm used for the isakmp phase 1 negotiation.
This directive must be defined. The algorithm should be
one of following: md5, sha1, sha256, sha384, sha512.
Gets the IKE phase1 hash algorithm.
Sets the IKE phase 1 encryption algorithm.
Specifies the encryption algorithm used for the isakmp phase 1
negotiation. This directive must be defined. Possible value is
one of following: des, 3des, blowfish, cast128, aes, camellia.
Gets the IKE phase 1 encryption algorithm.
Sets the IKE phase 1 perfect forward secrecy.
Defines the group used for the Diffie-Hellman exponentiations
to provide perfect forward secrecy. This directive must be
defined. The group is one of following: modp768, modp1024,
modp1536, modp2048, modp3072, modp4096, modp6144, modp8192.
Gets the IKE phase 1 perfect forward secrecy.
Sets the preshared key for each specified
IPsec IKE peer.
Sets the preshared key (encrypted) for each specified
IPsec IKE peer.
Requires an already encrypted key.
Gets the preshared key encrypted (if any) for each specified
IPsec IKE peer.
Sets the IPsec IKE peer DPD delay for a list of IPsec IKE peers.
Gets the IPsec IKE peer DPD delay for a list of IPsec IKE peers.
Sets the name of the crl file object for each specified IPsec IKE peer.
Gets the name of the crl file object for each specified IPsec IKE peer.
Gets the version information for this interface.
Sets the replay window size for each specified IPsec IKE peer.
This window will limit the number of out of order IPsec packets
that can be received relative to the packet with the highest
sequence number that has been authenticated so far. Packets with
older sequence numbers that are outside of this range will be rejected.
This configuration affects only dynamic negotiated IPsec SAs to the
specified IPsec IKE peer. The default value is 64. The valid range
is from 4 to 255.
Gets the replay window size for each specified IPsec IKE peer.
Gets the names for all IPsec IKE peers.
Creates a set of IPsec IKE peers
Deletes a set of IPsec IKE peers.
Deletes all IPsec IKE peers.
Sets the description for the IPsec IKE peers.
This is an arbitrary field which can be used for any purpose.
Gets descriprion for each specified IPsec IKE peer.
Sets IPsec IKE peer modes for list of IPsec IKE peers.
Gets IPsec IKE peer modes for a list of IPsec IKE peers.
Sets the IPsec IKE peer remote BIG-IP system IP addresses
for a list of IPsec IKE peers.
Gets the IPsec IKE peer remote IP address for a list of IPsec IKE peers.
Sets the IPsec IKE peer lifetimes of an IKE security association
that will be proposed in the phase 1 negotiation for
a list of IPsec IKE peers.
Gets the IPsec IKE peer lifetimes of an IKE security association that
will be proposed in the phase 1 negotiation for a list of IPsec IKE peers.
Sets the IPsec IKE peer identifier types sent to the remote host
to use in the phase 1 negotiation for a list of IPsec IKE peers.
Gets the IPsec IKE peer identifier types sent to the remote host
to use in the phase 1 negotiation for a list of IPsec IKE peers.
Sets the IPsec IKE peer identifier values sent to the remote host
to use in the phase 1 negotiation for a list of IPsec IKE peers.
Gets the IPsec IKE peer identifier values sent to the remote
host to use in the phase 1 negotiation for a list of
IPsec IKE peers.
Sets the peer identifier types that can be used in the phase 1
negotiation for a list of IPsec IKE peers.
Gets the peer identifier types that can be used in the phase 1
negotiation for a list of IPsec IKE peers.
Sets the IPsec IKE peer identifier value to be received
for a list of IPsec IKE peers.
Gets the peer identifier values for a list of IPsec IKE peers.
Sets the state to passive for a set of IPsec IKE peers.
Set this to enable, if you do not want to be the initiator of
the IKE negotiation with this IKE peer.
Gets the passive state for a set of IPsec IKE peers.
Sets the IPsec IKE peer state to verify the peer's certificate
for a set of IPsec IKE peers.
Gets the IPsec IKE peer state of verify_certificate for
a set of IPsec IKE peers.
Sets the IPsec IKE peer certificate types for a list of IPsec IKE peers.
Gets the IPsec IKE peer certification types for a list of IPsec IKE peers.
Sets the IPsec IKE peer generate policy option.
Gets the IPsec IKE peer generate policy option.
Sets the IPsec IKE peer NAT traversal option.
Gets the IPsec IKE peer NAT traversal option.
Sets the IPsec IKE peer state to enable or disable. If you set the state
to disable, the IKE peer is completely disabled.
Gets the IPsec IKE peer state.
Sets the IPsec IKE peer proxy support to enable or disable.
Setting proxy support to enable gives the IKE peer the
ability to work over a proxy.
Gets IPsec IKE peer proxy support states.
Sets the name of ssl-crt file object for the certificate file
for each of the specified IPsec IKE peers.
Gets the name of the ssl-crt file object for the BIG-IP certificate file
for each IPsec IKE peer.
Sets the name of the ssl-key file object for the certificate file
for each IPsec IKE peer.
Gets the name of the ssl-key file object for the BIG-IP certificate file
for each IPsec IKE peer.
Sets the file object name of the root certificate authority (CA)
for each IPsec IKE peer.
Gets the file object name of the root certificate authority (CA)
for each IPsec IKE peer.
Sets the peer certificate file object name. If the peer certificate file
is defined, the isakmp daemon ignores the CERT payload from the peer,
and uses this certificate as the peer's certificate.
Gets the peer certificate file name.
Sets the IKE proposal name.
Gets the IKE proposal name.
Sets the IKE phase 1 authentication method.
Defines the authentication method used for
the phase 1 negotiation. Possible values are:
pre-shared-key and rsa-signature. Use
rsa-signature if using X.509 certificates.
Gets the IKE phase 1 authentication method.
Sets the IKE phase 1 hash algorithm.
Defines the hash algorithm used for the isakmp phase 1 negotiation.
This directive must be defined. The algorithm should be
one of following: md5, sha1, sha256, sha384, sha512.
Gets the IKE phase1 hash algorithm.
Sets the IKE phase 1 encryption algorithm.
Specifies the encryption algorithm used for the isakmp phase 1
negotiation. This directive must be defined. Possible value is
one of following: des, 3des, blowfish, cast128, aes, camellia.
Gets the IKE phase 1 encryption algorithm.
Sets the IKE phase 1 perfect forward secrecy.
Defines the group used for the Diffie-Hellman exponentiations
to provide perfect forward secrecy. This directive must be
defined. The group is one of following: modp768, modp1024,
modp1536, modp2048, modp3072, modp4096, modp6144, modp8192.
Gets the IKE phase 1 perfect forward secrecy.
Sets the preshared key for each specified
IPsec IKE peer.
Sets the preshared key (encrypted) for each specified
IPsec IKE peer.
Requires an already encrypted key.
Gets the preshared key encrypted (if any) for each specified
IPsec IKE peer.
Sets the IPsec IKE peer DPD delay for a list of IPsec IKE peers.
Gets the IPsec IKE peer DPD delay for a list of IPsec IKE peers.
Sets the name of the crl file object for each specified IPsec IKE peer.
Gets the name of the crl file object for each specified IPsec IKE peer.
Gets the version information for this interface.
Sets the replay window size for each specified IPsec IKE peer.
This window will limit the number of out of order IPsec packets
that can be received relative to the packet with the highest
sequence number that has been authenticated so far. Packets with
older sequence numbers that are outside of this range will be rejected.
This configuration affects only dynamic negotiated IPsec SAs to the
specified IPsec IKE peer. The default value is 64. The valid range
is from 4 to 255.
Gets the replay window size for each specified IPsec IKE peer.
This interface configures the IPsec Protocol suite for securing
Internet Protocol (IP) communications by authenticating and
encrypting each IP packet of a communication session.