Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config vpn ipsec manualkey

Configure IPsec manual keys.

config vpn ipsec manualkey

Description: Configure IPsec manual keys.

edit <name>

set interface {string}

set remote-gw {ipv4-address}

set local-gw {ipv4-address-any}

set authentication [null|md5|...]

set encryption [null|des|...]

set authkey {user}

set enckey {user}

set localspi {user}

set remotespi {user}

set npu-offload [enable|disable]

next

end

config vpn ipsec manualkey

Parameter name

Description

Type

Size

interface

Name of the physical, aggregate, or VLAN interface.

string

Maximum length: 15

remote-gw

Peer gateway.

ipv4-address

Not Specified

local-gw

Local gateway.

ipv4-address-any

Not Specified

authentication

Authentication algorithm. Must be the same for both ends of the tunnel.

option

-

 

Option

Description

null

Null.

md5

MD5.

sha1

SHA1.

sha256

SHA256.

sha384

SHA384.

sha512

SHA512.

encryption

Encryption algorithm. Must be the same for both ends of the tunnel.

option

-

 

Option

Description

null

Null.

des

DES.

3des

3DES.

aes128

AES128.

aes192

AES192.

aes256

AES256.

aria128

ARIA128.

aria192

ARIA192.

aria256

ARIA256.

seed

Seed.

authkey

Hexadecimal authentication key in 16-digit (8-byte) segments separated by hyphens.

user

Not Specified

enckey

Hexadecimal encryption key in 16-digit (8-byte) segments separated by hyphens.

user

Not Specified

localspi

Local SPI, a hexadecimal 8-digit (4-byte) tag. Discerns between two traffic streams with different encryption rules.

user

Not Specified

remotespi

Remote SPI, a hexadecimal 8-digit (4-byte) tag. Discerns between two traffic streams with different encryption rules.

user

Not Specified

npu-offload

Enable/disable NPU offloading.

option

-

 

Option

Description

enable

Enable NPU offloading.

disable

Disable NPU offloading.

config vpn ipsec manualkey

Configure IPsec manual keys.

config vpn ipsec manualkey

Description: Configure IPsec manual keys.

edit <name>

set interface {string}

set remote-gw {ipv4-address}

set local-gw {ipv4-address-any}

set authentication [null|md5|...]

set encryption [null|des|...]

set authkey {user}

set enckey {user}

set localspi {user}

set remotespi {user}

set npu-offload [enable|disable]

next

end

config vpn ipsec manualkey

Parameter name

Description

Type

Size

interface

Name of the physical, aggregate, or VLAN interface.

string

Maximum length: 15

remote-gw

Peer gateway.

ipv4-address

Not Specified

local-gw

Local gateway.

ipv4-address-any

Not Specified

authentication

Authentication algorithm. Must be the same for both ends of the tunnel.

option

-

 

Option

Description

null

Null.

md5

MD5.

sha1

SHA1.

sha256

SHA256.

sha384

SHA384.

sha512

SHA512.

encryption

Encryption algorithm. Must be the same for both ends of the tunnel.

option

-

 

Option

Description

null

Null.

des

DES.

3des

3DES.

aes128

AES128.

aes192

AES192.

aes256

AES256.

aria128

ARIA128.

aria192

ARIA192.

aria256

ARIA256.

seed

Seed.

authkey

Hexadecimal authentication key in 16-digit (8-byte) segments separated by hyphens.

user

Not Specified

enckey

Hexadecimal encryption key in 16-digit (8-byte) segments separated by hyphens.

user

Not Specified

localspi

Local SPI, a hexadecimal 8-digit (4-byte) tag. Discerns between two traffic streams with different encryption rules.

user

Not Specified

remotespi

Remote SPI, a hexadecimal 8-digit (4-byte) tag. Discerns between two traffic streams with different encryption rules.

user

Not Specified

npu-offload

Enable/disable NPU offloading.

option

-

 

Option

Description

enable

Enable NPU offloading.

disable

Disable NPU offloading.