Use this command to create or modify an IKE proposal and enter IKE proposal configuration mode.
| proposal-identifier | Specifies the IKE proposal to create or modify. Valid value is up to 32 alpha-numeric characters plus special characters dash (-) and underscore (_). |
None.
Global VRF router configuration.
There are two types of IKE proposals:
Main mode is the IKE negotiation that establishes a secure channel, known as the Internet Security Association and Key Management Protocol (ISAKMP) Security Association (SA), between two devices.
Quick mode negotiates on behalf of the IPsec SAs. During Quick mode, keying material is refreshed or, if necessary, new keys are generated.
The same proposal can be assigned to both the main and quick mode or they can be different proposals depending upon your needs.
Use this command to name the proposal and enter the configuration mode that provides the commands required to configure the proposal.
Use the “no” option for this command to delete the specified IKE proposal.
This example shows how to enter configuration mode for the winRadius_main IKE proposal:
System(su-config)->crypto ike-proposal winRadius_main System(su-crypto-proposal)->
Print
this page
Email this topic
Feedback
View PDF
Download EPUB