Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

security vpn ipsec ike-group <group-name> ike-version <version>

Specifies the version of IKE for a configuration.

set security vpn ipsec ike-group group-name ike-version version
delete security vpn ipsec ike-group group-name ike-version
show security vpn ipsec ike-group group-name ike-version

The default version is 1 (IKEv1).

group-name
The name to be used to refer to this IKE configuration (for example, IKE-E1).
ike-version version

version

One of the following IKE versions:

  • 1–Use IKEv1.
  • 2–Use IKEv2.
  • 2+1–Use IKEv2 when initiating, but accept any protocol version when responding.
Note: When configuring peer 1 with the 2+1 version and peer 2 with the 1 version, Ciena recommends that you configure respond as the connection-type for peer 1. Refer to the security vpn ipsec site-to-site peer connection-type command for more information.

Configuration mode

security {
        vpn {
            ipsec {
                ike-group group-name {
                    ike-version version
            }
        }
    }
}

Use this command to specify the version of IKE (1, 2, or 2+1) for a configuration.

Use the set form of this command to specify the version of IKE for a configuration.

Use the delete form of this command to restore the default version (1).

Use the show form of this command to view the current version.