ike profile

Use this command to configure an IKE Phase 1 profile.

Syntax

Command Parameters

dh-group <modp768|modp1024|modp2048|any>
Specifies the Diffie-Hellman (DH) group. DH groups categorize the key used in the key exchange process, by its strength. The key from a higher group number is more secure. The default value is modp2048.
encrypt-algo <desCbc|3DesCbc|aesCbc|any>
Specifies the type of encryption algorithm. The default value is aesCbc.
encrypt-key-len <128|192|256>
Specifies the length of the encryption key. The default is 256.
hash-algo <md5|sha|sha256|any>
Specifies the type of hash algorithm. The default value is sha256.
lifetime-sec <0-4294967295>
Specifies the lifetime value in seconds. The lifetime ensures that the peers renegotiate the SAs just before the expiry of the lifetime value, to ensure that Security Associations are not compromised. The default value is 86400 seconds.
WORD<1–32>
Specifies the IKE profile name.

Default

None

Command Mode

Global Configuration

Usage Guidelines

DEMO FEATURE - Secure AAA server communication is a demonstration feature on some products. Demonstration features are provided for testing purposes. Demonstration features are for lab use only and are not for use in a production environment. For more information on feature support, see Fabric Engine and VOSS Feature Support Matrix.