Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

authentication-algorithm (Security IKE)

 

Syntax

Hierarchy Level

Release Information

Statement introduced in Junos OS Release 8.5.

Support for the sha-384 option added in Junos OS Release 12.1X45-D10.

sha-512 option introduced in Junos OS Release 19.1R1 on SRX5000 line of devices with SRX5K-SPC3 card.

Support for authentication algorithm (SH1: hmac-sha1-96) added to vSRX in Junos OS Release 19.3R1 for Power Mode IPSec mode, along with the existing support in normal mode.

Description

Configure the Internet Key Exchange (IKE) authentication algorithm.

Note

The device does not delete existing IPsec SAs when you update the authentication-algorithm configuration in the IKE proposal. The device deletes existing IPsec SAs when you update the authentication-algorithm configuration in the IPsec proposal.

Options

authentication-algorithm—Hash algorithm that authenticates packet data. It can be one of the following algorithms:

  • md5—Produces a 128-bit digest.

  • sha-256—Produces a 256-bit digest.

  • sha-384—Produces a 384-bit digest.

  • In Power Mode IPSec mode and in normal modesha1—Produces a 160-bit digest.

  • sha-512—Produces a 512-bit digest.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Related Documentation