Filter
Top Products
(host)(config) #crypto-local isakmp dpd idle-timeout <idle_seconds> retry-timeout <retry_
seconds> retry-attempts <number>
Understanding Default IKE policies
ArubaOS includes the following default IKE policies. These policies are predefined and cannot be edited.
Policy Name
Policy
Number
IKE
Version
Encryption
Algorithm
Hash
Algorithm
Authentica-
tion
Method
PRF
Method
Diffie-
Hellman
Group
Default protection
suite
10001 IKEv1 3DES-168 SHA 160 Pre-Shared
Key
N/A 2 (1024 bit)
Default RAP
Certificate protection
suite
10002 IKEv1 AES -256 SHA 160 RSA
Signature
N/A 2 (1024 bit)
Default RAP PSK
protection suite
10003 AES -256 SHA 160 Pre-Shared
Key
N/A 2 (1024 bit)
Default RAP IKEv2
RSA protection suite
1004 IKEv2 AES -256 SSHA160 RSA
Signature
hmac-
sha1
2 (1024 bit)
Default Cluster PSK
protection suite
10005 IKEv1 AES -256 SHA160 Pre-Shared
Key
Pre-
Shared
Key
2 (1024 bit)
Default IKEv2 RSA
protection suite
1006 IKEv2 AES - 128 SHA 96 RSA
Signature
hmac-
sha1
2 (1024 bit)
Default IKEv2 PSK
protection suite
10007 IKEv2 AES - 128 SHA 96 Pre-shared
key
hmac-
sha1
2 (1024 bit)
Default Suite-B
128bit ECDSA
protection suite
10008 IKEv2 AES - 128 SHA 256-128 ECDSA-256
Signature
hmac-
sha2-256
Random
ECP Group
(256 bit)
Default Suite-B 256
bit ECDSA protection
suite
10009 IKEv2 AES -256 SHA 384-192 ECDSA-384
Signature
hmac-
sha2-384
Random
ECP Group
(384 bit)
Default Suite-B
128bit IKEv1 ECDSA
protection suite
10010 IKEv1 AES-GCM-
128
SHA 256-128 ECDSA-256
Signature
hmac-
sha2-256
Random
ECP Group
(256 bit)
Default Suite-B
256-bit IKEv1 ECDSA
protection suite
10011 IKEv1 AES-GCM-
256
SHA 256-128 ECDSA-256
Signature
hmac-
sha2-256
Random
ECP Group
(256 bit)
Table 79:
Default IKE Policy Settings
Working with VPN Dialer
For Windows clients, a dialer can be downloaded from the controller to auto-configure tunnel settings on the client.
DellPowerConnectW-SeriesArubaOS6.2 | User Guide VirtualPrivateNetworks | 293