security vpn ipsec esp-group <name> proposal <num> hash <hash>
Specifies the hash algorithm for an ESP proposal.
The default is sha1.
- name
- The name to be used to refer to the ESP configuration.
- proposal
- An integer uniquely identifying a proposal to be used in IKE Phase 2 negotiation.
- hash
- The hash algorithm to be used. Supported values are as follows:
md5— MD5 hash message authentication code (HMAC).
null— No separate authentication code.
sha1— SHA1 HMAC (default).
sha1_160—SHA1_160 bit hash.
sha2_256—SHA2_256_128 HMAC
sha2_384—SHA2_384_192 HMAC
sha2_512—SHA2_512_256 HMAC
Configuration mode
security {
vpn {
ipsec {
esp-group name {
proposal num {
hash hash
}
}
}
}
}
Use this command to specify the hash algorithm to be proposed in an ESP proposal.
Use the set form of this command to specify the hash algorithm to be proposed.
Use the delete form of this command to restore default hash algorithm configuration.
Use the show form of this command to view ESP proposal hash algorithm configuration.