[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring an IPSec Proposal

An IPSec proposal lists protocols and algorithms (security services) to be negotiated with the remote IPSec peer.

To configure an IPSec proposal, include the proposal statement and specify an IPSec proposal name at the [edit services ipsec-vpn ipsec] hierarchy level:




proposal proposal-name {

authentication-algorithm (hmac-md5-96 | hmac-sha1-96);

description description;

encryption-algorithm algorithm;

lifetime-seconds seconds; 

protocol (ah | esp | bundle); 
}

This section discusses the following topics:

Configuring an Authentication Algorithm
Configuring an IPSec Proposal Description
Configuring an Encryption Algorithm
Configuring the Lifetime for an IPSec SA
Configuring the Protocol for the Dynamic SA

[Contents] [Prev] [Next] [Index] [Report an Error]