crypto-auto-ipsec-tunnel commands

Specifies the identity string used for IKE authentication

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000


groupid <WORD> [psk|rsa]
groupid <WORD> [psk [0 <WORD>|2 <WORD>|<WORD>]|rsa]


groupid <WORD> [psk [0 <WORD>|2 <WORD>|<WORD>]|rsa]
<WORD> Specify a string not exceeding 64 characters. This is the group identity used for IKE exchange for auto IPSec secure peers. After providing a group ID, specify the authentication method used to authenticate peers on the auto IPSec secure tunnel. The options are: psk and rsa.
psk [0 <WORD>| 2 <WORD>| <WORD>] Configures the PSK (pre-shared key) as the authentication type for secure peer authentication on the auto IPSec secure tunnel
  • 0 <WORD> – Configures a clear text key
  • 2 <WORD> – Configures an encrypted key
  • <WORD> – Specify a string value from 8 - 21 characters.
rsa Configures the RSA (Rivest-Shamir-Adleman) key.

RSA is an algorithm for public key cryptography. It is the first algorithm known to be suitable for signing, as well as encryption. This is the default setting.



Only one group ID is supported on the controller or service platform. All APs, controllers, and service platform must use the same group ID.


 testgroup@123 rsa

nx9500-6C8809(config-profile-default-rfs4000-crypto-auto-ipsec-secure)#show context
 crypto auto-ipsec-secure
  groupid testgroup@123 rsa