home

Supported platforms

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

security vpn ipsec ike-group <name> proposal <num> encryption <cipher>

Specifies the encryption cipher to be proposed in IKE Phase 1 negotiation.

set security vpn ipsec ike-group name proposal num encryption cipher
delete security vpn ipsec ike-group proposal num encryption
show security vpn ipsec ike-group proposal num encryption

The default is aes128.

name
The name to be used to refer to the IKE configuration.
proposal
An integer uniquely identifying an IKE proposal.
cipher
The encryption cipher to be proposed. Supported values are as follows:

aes128—Advanced Encryption Standard with a 128-bit key.

aes256—Advanced Encryption Standard with a 256-bit key.

aes128gcm128—128-bit AES with 128-bit Galois/Counter Mode (GCM).

aes256gcm128—256-bit AES with 128-bit Galois/Counter Mode (GCM).

3des—Triple-DES (Data Encryption Standard).

Configuration mode

security {
        vpn {
            ipsec {
                ike-group name {
                        proposal num {
                            encryption cipher
                }
            }
        }
    }
}

Use this command to specify the encryption cipher to be proposed in IKE Phase 1 negotiation.

Use the set form of this command to set the encryption cipher.

Use the delete form of this command to restore the default encryption cipher.

Use the show form of this command to view encryption cipher configuration.