Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All
     
     

    tunnel pfs group

    Syntax

    tunnel pfs group { 1 | 2 | 5 }

    no tunnel pfs group

    Release Information

    Command introduced before JunosE Release 7.1.0.

    Description

    Configures perfect forward secrecy for the IPsec tunnel by assigning a Diffie-Hellman prime modulus group. The no version removes PFS from this tunnel.

    Options

    • 1—Assigns a 768-bit Diffie-Hellman prime modulus group
    • 2—Assigns a 1024-bit Diffie-Hellman prime modulus group
    • 5—Assigns a 1536-bit Diffie-Hellman prime modulus group

    Mode

    Interface Configuration

     
     

    Published: 2014-08-18