Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

security vpn ipsec ike-group <name> proposal <num> hash <hash>

Specifies the hash algorithm to be proposed.

set security vpn ipsec ike-group name proposal num hash hash
delete security vpn ipsec ike-group proposal num hash
show security vpn ipsec ike-group proposal num hash

The default is sha1.

name
The name to be used to refer to the IKE configuration.
proposal
An integer uniquely identifying an IKE proposal.
hash
The hash algorithm to be used. Supported values are as follows:

md5— MD5 hash message authentication code (HMAC).

null— No separate authentication code.

sha1— SHA1 HMAC (default).

sha1_160—SHA1_160 bit hash.

sha2_256—SHA2_256_128 HMAC

sha2_384—SHA2_384_192 HMAC

sha2_512—SHA2_512_256 HMAC

Configuration mode

security {
        vpn {
            ipsec {
                ike-group name {
                        proposal num {
                                hash hash
                }
            }
        }
    }
}

Use this command to specify the hash algorithm to be proposed in an IKE proposal.

Use the set form of this command to specify the hash algorithm to be proposed.

Use the delete form of this command to restore default hash algorithm configuration.

Use the show form of this command to view IKE proposal hash algorithm configuration.