perfect-forward-secrecy

Syntax

perfect-forward-secrecy keys (group1 | group2 | group5);

Hierarchy Level

[edit security ipsec policy policy-name ]

Release Information

Statement modified in Release 8.5 of Junos OS.

Description

Specify Perfect Forward Secrecy (PFS) as the method that the device uses to generate the encryption key. PFS generates each new encryption key independently from the previous key.

Options

group1—Diffie-Hellman Group 1.

group2—Diffie-Hellman Group 2.

group5—Diffie-Hellman Group 5.

Usage Guidelines

For configuration instructions and examples, see the Junos OS Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.