security vpn ipsec ike-group <name> proposal <num> encryption <cipher>
Specifies the encryption cipher to be proposed in IKE Phase 1 negotiation.
The default is aes128.
- name
- The name to be used to refer to the IKE configuration.
- proposal
- An integer uniquely identifying an IKE proposal.
- cipher
- The encryption cipher to be proposed. Supported values are as follows:
aes128—Advanced Encryption Standard with a 128-bit key.
aes256—Advanced Encryption Standard with a 256-bit key.
aes128gcm128—128-bit AES with 128-bit Galois/Counter Mode (GCM).
aes256gcm128—256-bit AES with 128-bit Galois/Counter Mode (GCM).
3des—Triple-DES (Data Encryption Standard).
Configuration mode
security {
vpn {
ipsec {
ike-group name {
proposal num {
encryption cipher
}
}
}
}
}
Use this command to specify the encryption cipher to be proposed in IKE Phase 1 negotiation.
Use the set form of this command to set the encryption cipher.
Use the delete form of this command to restore the default encryption cipher.
Use the show form of this command to view encryption cipher configuration.