Tag Elements Beginning with P > <proposal> (configuration/services/ipsec-vpn/ipsec)

Usage

<configuration>
    <services>
        <ipsec-vpn>
            <ipsec>
                <proposal>
                    <name>name</name> <!-- identifier -->
                    <description>description</description>
                    <protocol>protocol-choice</protocol>
                    <authentication-algorithm>authentication-algorithm-choice
                                    </authentication-algorithm>
                    <encryption-algorithm>encryption-algorithm-choice</encryption-algorithm>
                    <lifetime-seconds>seconds</lifetime-seconds>
                </proposal>
            </ipsec>
        </ipsec-vpn>
    </services>
</configuration>

Description

Define an IPSec proposal.

Contents

<authentication-algorithm>—Define authentication algorithm.

• hmac-md5-96—HMAC-MD5-96 authentication algorithm.
• hmac-sha1-96—HMAC-SHA1-96 authentication algorithm.
• hmac-sha2-256—HMAC-SHA2-256 authentication algorithm.

<description>—Text description of IPSec proposal.

<encryption-algorithm>—Define encryption algorithm.

• 3des-cbc—3DES-CBC encryption algorithm.
• aes-128-cbc—AES-CBC 128-bit encryption algorithm.
• aes-192-cbc—AES-CBC 192-bit encryption algorithm.
• aes-256-cbc—AES-CBC 256-bit encryption algorithm.
• des-cbc—DES-CBC encryption algorithm.

<lifetime-seconds>—Lifetime, in seconds.

<name>—Name of the IPSec proposal.

<protocol>—Define an IPSec protocol for the proposal.

• ah—Authentication header.
• bundle—Bundle (AH authentication plus ESP encryption).
• esp—Encapsulated Security Payload header.