security vpn ipsec ike-group <name> proposal <num> dh-group <group>

Specifies the group to be proposed for Diffie-Hellman key exchanges.

set security vpn ipsec ike-group name proposal num dh-group group

delete security vpn ipsec ike-group proposal num dh-group

show security vpn ipsec ike-group proposal num dh-group

name

The name to be used to refer to the IKE configuration.

proposal

An integer uniquely identifying an IKE proposal.

pfs

The Diffie-Hellman group used for key exchanges. Supported values are as follows:

2—Group 2.

5—Group 5.

14—Group 14.

15—Group 15.

16—Group 16.

17—Group 17.

18—Group 18.

19—Group 19.

20—Group 20.

Configuration mode

security {
        vpn {
            ipsec {
                ike-group name {
                        proposal num {
                            dh-group group
                }
            }
        }
    }
}

Use this command to specify the Diffie-Hellman group used for key exchanges.

Use the set form of this command to specify the Diffie-Hellman group used for key exchanges.

Use the delete form of this command to revert to the default group.

Use the show form of this command to view the group configuration.

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

security vpn ipsec ike-group <name> proposal <num> dh-group <group>

Helpful Links

Key Resources