For more information, review the ikeadm (1M) man page. The commands in this section are available only when the IKEv2 or IKEv1 daemon is running.
Modifying the running IKE daemon:
The following output displays the arguments to the ikeadm command that can modify the current state of the daemon. Some arguments are specific to the IKEv2 or the IKEv1 daemon.
% ikeadm help ... set priv level set debug level [filename] add rule|preshared {definition}|filename del p1|ikesa|rule|preshared identifier flush p1|ikesa|certcache write rule|preshared filename token login|logout PKCS#11-Token-Object
Showing the syntax of a specific argument to the ikeadm command:
% ikeadm help add This command adds items to in.iked's tables. Objects that may be set include: rule a phase 1 or IKE SA policy rule preshared a preshared key Objects may be entered on the command-line, as a series of keywords and tokens contained in curly braces ('{', '}'); or the name of a file containing the object definition may be provided. For security purposes, preshared keys may only be entered on the command-line if ikeadm is running in interactive mode.
Modifying the IKEv2 daemon with the ikeadm command:
# ikeadm add rule | preshared {definition} | filename # ikeadm flush ikesa # ikeadm del ikesa | rule | preshared identifier # ikeadm set debug level # ikeadm token login | logout PKCS#11-Token-Object # ikeadm write rule | preshared filename
Modifying the IKEv1 daemon with the ikeadm command:
# ikeadm set debug level # ikeadm set privlevel # ikeadm add rule | preshared {definition} | filename # ikeadm del p1 | rule | preshared identifier # ikeadm flush p1 | certcache # ikeadm del rule | preshared id # ikeadm write rule | preshared filename