security vpn ipsec esp-group <name> proposal <num> encryption <cipher>
Specifies the encryption cipher for an ESP proposal.
The default is aes128.
- name
- The name to be used to refer to the ESP configuration.
- proposal
- An integer uniquely identifying a proposal to be used in IKE Phase 2 negotiation.
- cipher
- The encryption cipher to be proposed. Supported values are as follows:
aes128—Advanced Encryption Standard with a 128-bit key.
aes256—Advanced Encryption Standard with a 256-bit key.
aes128gcm128—128-bit AES with 128-bit Galois/Counter Mode (GCM).
aes256gcm128—256-bit AES with 128-bit Galois/Counter Mode (GCM).
3des—Triple-DES (Data Encryption Standard).
Configuration mode
security {
vpn {
ipsec {
esp-group name {
proposal num {
encryption cipher
}
}
}
}
}
Use this command to specify the encryption cipher to be proposed in an ESP proposal during IKE Phase 2 negotiation.
Use the set form of this command to specify the encryption cipher.
Use the delete form of this command to restore default encryption configuration.
Use the show form of this command to view ESP proposal encryption configuration.