home

Supported platforms

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

security vpn ipsec esp-group <name> proposal <num> hash <hash>

Specifies the hash algorithm for an ESP proposal.

set security vpn ipsec esp-group name proposal num hash hash
delete security vpn ipsec esp-group proposal num hash
show security vpn ipsec esp-group proposal num hash

The default is sha1.

name
The name to be used to refer to the ESP configuration.
proposal
An integer uniquely identifying a proposal to be used in IKE Phase 2 negotiation.
hash
The hash algorithm to be used. Supported values are as follows:

md5— MD5 hash message authentication code (HMAC).

null— No separate authentication code.

sha1— SHA1 HMAC (default).

sha1_160—SHA1_160 bit hash.

sha2_256—SHA2_256_128 HMAC

sha2_384—SHA2_384_192 HMAC

sha2_512—SHA2_512_256 HMAC

Configuration mode

security {
        vpn {
            ipsec {
                esp-group name {
                        proposal num {
                            hash hash
                }
            }
        }
    }
}

Use this command to specify the hash algorithm to be proposed in an ESP proposal.

Use the set form of this command to specify the hash algorithm to be proposed.

Use the delete form of this command to restore default hash algorithm configuration.

Use the show form of this command to view ESP proposal hash algorithm configuration.