Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
proposal-set (IPsec)
Syntax
proposal-set <basic |
compatible | standard>;
Hierarchy Level
[edit security ipsec policy policy-name ]
Release Information
Statement introduced in Release 8.5 of Junos OS.
Description
Define a set of default IPsec proposals. (This statement is not supported on dynamic VPN implementations.)
Options
basic—Basic set of two IPsec proposals:
- Proposal 1—Encapsulating Security Payload (ESP) with no Perfect Forward Secrecy (PFS) security, triple Data Encryption Standard (3DES) encryption, and secure Hash Algorithm (SHA-1) authentication.
- Proposal 2—ESP with no PFS security, 3DES encryption, and MD5 authentication.
compatible—Set of four commonly used IKE proposals:
- Proposal 1—Preshared key, triple DES (3DES) encryption, and G2 and SHA-1 authentication.
- Proposal 2—Preshared key, 3DES, and Diffie-Hellman Group 2 and MD5 authentication.
- Proposal 3—Preshared key, DES encryption, and Diffie-Hellman Group 2 and SHA-1 authentication.
- Proposal 4—Preshared key, DES encryption, and Diffie-Hellman Group 2 and MD5 authentication.
standard—Standard set of two set of IKE proposals:
- Proposal 1— Preshared key, 3DES encryption, and Diffie-Hellman Group 2 and SHA-1 authentication.
- Proposal 2—Preshared key, Advanced Encryption Standard (AES) 128-bit encryption, and Diffie-Hellman Group 2 and SHA-1 authentication.
Usage Guidelines
For configuration instructions and examples, see the Junos OS Security Configuration Guide.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
