security vpn ipsec ike-group <group-name> ike-version <version>
Specifies the version of IKE for a configuration.
The default version is 1 (IKEv1).
- group-name
- The name to be used to refer to this IKE configuration (for example, IKE-E1).
- ike-version version
version
One of the following IKE versions:
- 1–Use IKEv1.
- 2–Use IKEv2.
- 2+1–Use IKEv2 when initiating, but accept any protocol version when responding.
Note: When configuring peer 1 with the 2+1 version and peer 2 with the 1 version, Ciena recommends that you configure respond as the connection-type for peer 1. Refer to the security vpn ipsec site-to-site peer connection-type command for more information.
Configuration mode
security {
vpn {
ipsec {
ike-group group-name {
ike-version version
}
}
}
}
Use this command to specify the version of IKE (1, 2, or 2+1) for a configuration.
Use the set form of this command to specify the version of IKE for a configuration.
Use the delete form of this command to restore the default version (1).
Use the show form of this command to view the current version.