Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.2.1
Copy Link

Configure IPsec manual keys.

  config vpn ipsec manualkey
      Description: Configure IPsec manual keys.
      edit <name>
          set interface {string}
          set remote-gw {ipv4-address}
          set local-gw {ipv4-address-any}
          set authentication [null|md5|...]
          set encryption [null|des|...]
          set authkey {user}
          set enckey {user}
          set localspi {user}
          set remotespi {user}
      next
  end

config vpn ipsec manualkey

Parameter Name Description Type Size
interface Name of the physical, aggregate, or VLAN interface. string Maximum length: 15
remote-gw Peer gateway. ipv4-address Not Specified
local-gw Local gateway. ipv4-address-any Not Specified
authentication Authentication algorithm. Must be the same for both ends of the tunnel.
null: Null.
md5: MD5.
sha1: SHA1.
sha256: SHA256.
sha384: SHA384.
sha512: SHA512.
option -
encryption Encryption algorithm. Must be the same for both ends of the tunnel.
null: Null.
des: DES.
3des: 3DES.
aes128: AES128.
aes192: AES192.
aes256: AES256.
aria128: ARIA128.
aria192: ARIA192.
aria256: ARIA256.
seed: Seed.
option -
authkey Hexadecimal authentication key in 16-digit (8-byte) segments separated by hyphens. user Not Specified
enckey Hexadecimal encryption key in 16-digit (8-byte) segments separated by hyphens. user Not Specified
localspi Local SPI, a hexadecimal 8-digit (4-byte) tag. Discerns between two traffic streams with different encryption rules. user Not Specified
remotespi Remote SPI, a hexadecimal 8-digit (4-byte) tag. Discerns between two traffic streams with different encryption rules. user Not Specified

Configure IPsec manual keys.

  config vpn ipsec manualkey
      Description: Configure IPsec manual keys.
      edit <name>
          set interface {string}
          set remote-gw {ipv4-address}
          set local-gw {ipv4-address-any}
          set authentication [null|md5|...]
          set encryption [null|des|...]
          set authkey {user}
          set enckey {user}
          set localspi {user}
          set remotespi {user}
      next
  end

config vpn ipsec manualkey

Parameter Name Description Type Size
interface Name of the physical, aggregate, or VLAN interface. string Maximum length: 15
remote-gw Peer gateway. ipv4-address Not Specified
local-gw Local gateway. ipv4-address-any Not Specified
authentication Authentication algorithm. Must be the same for both ends of the tunnel.
null: Null.
md5: MD5.
sha1: SHA1.
sha256: SHA256.
sha384: SHA384.
sha512: SHA512.
option -
encryption Encryption algorithm. Must be the same for both ends of the tunnel.
null: Null.
des: DES.
3des: 3DES.
aes128: AES128.
aes192: AES192.
aes256: AES256.
aria128: ARIA128.
aria192: ARIA192.
aria256: ARIA256.
seed: Seed.
option -
authkey Hexadecimal authentication key in 16-digit (8-byte) segments separated by hyphens. user Not Specified
enckey Hexadecimal encryption key in 16-digit (8-byte) segments separated by hyphens. user Not Specified
localspi Local SPI, a hexadecimal 8-digit (4-byte) tag. Discerns between two traffic streams with different encryption rules. user Not Specified
remotespi Remote SPI, a hexadecimal 8-digit (4-byte) tag. Discerns between two traffic streams with different encryption rules. user Not Specified