Filter
Top Products
IP security commands 3 Configuration commands
60 NN47928-107
ipsec proposal
An IPsec proposal is a set of security parameters used when negotiating an
IPsec SA with a remote secure gateway. IPsec proposals are used by the
IPsec policies that reference them.
The initial BSGX4e configuration provides a predefined IPsec proposal
named VPN-A. This predefined IPsec proposal conforms with the
recommendations for a standard IPsec cryptographic suite called VPN-A, as
described in RFC 4308.
Syntax config ipsec proposal <name> encrypt
[3DES|AES|AES128|AES192|AES256] auth [md5|sha]
Parameters name Enter a name for this proposal.
encrypt 3DES|AES|AES128|AES192|AES256
Enter an encryption algorithm. The AES
algorithm can be requested with a specific key
size (128, 192, or 256 bits) or, if you specify the
AES option, IPsec uses the smallest key size
supported by both peers. The default is 3DES.
auth md5|sha Specify an authentication method.
Example > config ipsec proposal prop1 encrypt 3DES auth sha
Related
commands
display ipsec proposal
show ipsec proposal
clear ipsec sa
show ipsec sa
clear protocol esp
show protocol esp