ike policy WORD<1–32> p2-pfs
Enables the Phase 2 perfect forward secrecy.
Syntax
-
default ike policy WORD<1–32> p2–pfs [dh-group] [use-ike-group]
-
ike policy
WORD<1–32> p2–pfs <disable | enable> [dh-group <modp768 | modp1024
| modp2048 | any>] [use-ike-group <disable | enable>]
-
no ike policy
WORD<1-32> [p2-pfs]
Command Parameters
- dh-group <modp768|modp1024|modp2048|any>
- Configures the Diffie-Hellman (DH)
group to be used for Phase 2 perfect forward secrecy (PFS). The default value is
modp2048.
- use-ike-group <enable|disable>
- Specifies whether to use the IKE
Phase 1 DH group for Phase 2 PFS. The default is enable.
- WORD<1–32>
- Specifies the name of the IKE
Phase 1 policy.
Command Mode
Global Configuration
