security vpn ipsec esp-group <name> proposal <num> encryption <cipher>

Specifies the encryption cipher for an ESP proposal.

set security vpn ipsec esp-group name proposal num encryption cipher

delete security vpn ipsec esp-group proposal num encryption

show security vpn ipsec esp-group proposal num encryption

The default is aes128.

name

The name to be used to refer to the ESP configuration.

proposal

An integer uniquely identifying a proposal to be used in IKE Phase 2 negotiation.

cipher

The encryption cipher to be proposed. Supported values are as follows:

aes128—Advanced Encryption Standard with a 128-bit key.

aes256—Advanced Encryption Standard with a 256-bit key.

aes128gcm128—128-bit AES with 128-bit Galois/Counter Mode (GCM).

aes256gcm128—256-bit AES with 128-bit Galois/Counter Mode (GCM).

3des—Triple-DES (Data Encryption Standard).

Configuration mode

security {
        vpn {
            ipsec {
                esp-group name {
                        proposal num {
                        encryption cipher
                }
            }
        }
    }
}

Use this command to specify the encryption cipher to be proposed in an ESP proposal during IKE Phase 2 negotiation.

Use the set form of this command to specify the encryption cipher.

Use the delete form of this command to restore default encryption configuration.

Use the show form of this command to view ESP proposal encryption configuration.

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

security vpn ipsec esp-group <name> proposal <num> encryption <cipher>

Helpful Links

Key Resources