Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    perfect-forward-secrecy

    Syntax

    perfect-forward-secrecy {keys (group1 | group2 |group5 |group14);}

    Hierarchy Level

    [edit services ipsec-vpn ipsec policy policy-name]

    Release Information

    Statement introduced before Junos OS Release 7.4.

    Description

    Define Perfect Forward Secrecy (PFS). Creates single-use keys. This statement is optional.

    Options

    keys—Type of Diffie-Hellman prime modulus group that IKE uses when performing the new Diffie-Hellman exchange. The key can be one of the following:

    • group1—768-bit.
    • group2—1024-bit.
    • group5—1536-bit.
    • group14—2048-bit.

    Usage Guidelines

    See Configuring Perfect Forward Secrecy.

    Required Privilege Level

    admin—To view this statement in the configuration.

    admin-control—To add this statement to the configuration.

    Published: 2013-11-18

    Previous Page Next Page