For more information, review the ikeadm(1M) man page. The commands in this section are available only when the IKEv2 or IKEv1 daemon is running.
Modifying the running IKE daemon:
The following output displays the arguments to the ikeadm command that can modify the current state of the daemon. Some arguments are specific to the IKEv2 or the IKEv1 daemon.
% ikeadm help
...
set priv level
set debug level [filename]
add rule|preshared {definition}|filename
del p1|ikesa|rule|preshared identifier
flush p1|ikesa|certcache
write rule|preshared filename
token login|logout PKCS#11-Token-Object
Showing the syntax of a specific argument to the ikeadm command:
% ikeadm help add
This command adds items to in.iked's tables.
Objects that may be set include:
rule a phase 1 or IKE SA policy rule
preshared a preshared key
Objects may be entered on the command-line, as a
series of keywords and tokens contained in curly
braces ('{', '}'); or the name of a file containing
the object definition may be provided.
For security purposes, preshared keys may only be
entered on the command-line if ikeadm is running in
interactive mode.
Modifying the IKEv2 daemon with the ikeadm command:
# ikeadm add rule | preshared {definition} | filename
# ikeadm flush ikesa
# ikeadm del ikesa | rule | preshared identifier
# ikeadm set debug level
# ikeadm token login | logout PKCS#11-Token-Object
# ikeadm write rule | preshared filename
Modifying the IKEv1 daemon with the ikeadm command:
# ikeadm set debug level
# ikeadm set privlevel
# ikeadm add rule | preshared {definition} | filename
# ikeadm del p1 | rule | preshared identifier
# ikeadm flush p1 | certcache
# ikeadm del rule | preshared id
# ikeadm write rule | preshared filename