Filter
Top Products
3 Configuration commands IP security commands
NN47928-107 57
ipsec parameters
Use this command to define the IPsec parameters for maximum lifetimes for
an IPsec security association (SA) and the Diffie-Hellman group to use for
session key exchange. The default provides for automatic negotiation of the
DH group.
Syntax config ipsec parameters lifetime <seconds> maxlifetime
<seconds> group [dh1024|dh768|nopfs|auto]
Parameters lifetime seconds Define the Default IPsec SA lifetime. This is the
initial value used for negotiations with the
remote host. The default is 28800 (8 hours).
maxlifetime seconds
Define the maximum IPsec SA lifetime. This is
the maximum value the BSGX4e accepts
during negotiations. The default is 86400 (24
hours).
group dh1024|dh768|nopfs|auto
Diffie-Hellman group to use for session key
exchange. Use the value nopfs to disable
perfect forward secrecy. The default is auto.
Example > config ipsec parameters lifetime 28000 maxlifetime 86400
group dh1024
Related
commands
display ipsec parameters
show ipsec parameters
display ipsec parameters
show ipsec parameters
clear protocol esp
show protocol esp
clear protocol ike
show protocol ike
display ipsec parameters
show ipsec parameters