Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    pfs group


    pfs group { 1 | 2 | 5 }

    no pfs group

    Release Information

    Command introduced before JunosE Release 7.1.0.
    IPsec Tunnel Profile mode added in JunosE Release 7.3.0.


    Configures perfect forward secrecy for connections created with this IPsec transport or tunnel profile by assigning a Diffie-Hellman prime modulus group. The no version removes PFS from the profile.


    • 1—768-bit Diffie-Hellman prime modulus group
    • 2—1024-bit Diffie-Hellman prime modulus group
    • 5—1536-bit Diffie-Hellman prime modulus group


    IPsec Transport Profile Configuration, IPsec Tunnel Profile Configuration

    Published: 2014-08-18