ike profile
   
   
      Use this command to configure an IKE Phase 1 profile.
    
      Syntax
         
         
            - 
               
                  default ike profile
                     WORD<1–32> [dh-group] [encrypt-algo] [encrypt-key-len] [hash-algo]
                     [lifetime-sec]
                
- 
               
                  ike profile
                     WORD<1–32>
                
- 
               
                  ike profile
                     WORD<1–32> dh-group <modp768 | modp1024 | modp2048 | any>
                
- 
               
                  ike profile
                     WORD<1–32> encrypt-algo <desCbc | 3DesCbc | aesCbc | any>
                
- 
               
                  ike profile
                     WORD<1–32> encrypt-key-len <128 | 192 | 256>
                
- 
               
                  ike profile
                     WORD<1–32> hash-algo <MD5 | SHA | SHA256 | any>
                
- 
               
                  ike profile
                     WORD<1–32> lifetime-sec <0-4294967295>
                
- 
               
                  no ike profile
                     WORD<1–32>
                
Command Parameters
         
         
            
               - dh-group <modp768|modp1024|modp2048|any>
- Specifies the Diffie-Hellman (DH)
                  group. DH groups categorize the key used in the key exchange process, by its
                  strength. The key from a higher group number is more secure. The default value is
                  modp2048.
- encrypt-algo <desCbc|3DesCbc|aesCbc|any>
- Specifies the type of encryption
                  algorithm. The default value is aesCbc.
- encrypt-key-len <128|192|256>
- Specifies the length of the
                  encryption key. The default is 256.
- hash-algo <md5|sha|sha256|any>
- Specifies the type of hash
                  algorithm. The default value is sha256.
- lifetime-sec <0-4294967295>
- Specifies the lifetime value in
                  seconds. The lifetime ensures that the peers renegotiate the SAs just before the
                  expiry of the lifetime value, to ensure that Security Associations are not
                  compromised. The default value is 86400 seconds.
- WORD<1–32>
- Specifies the IKE profile
                  name.
Command Mode
         
         Global Configuration
      
      Usage Guidelines
         
         
         DEMO FEATURE - Secure AAA server
        communication is a demonstration feature on some products. Demonstration features are
        provided for testing purposes. Demonstration features are for lab use only and are not for
        use in a production environment. For more information on feature support, see VOSS Feature Support Matrix.