Technical Documentation

perfect-forward-secrecy

Syntax

perfect-forward-secrecy {keys (group1 | group2);}

Hierarchy Level

[edit security ipsec policy ipsec-policy-name]

Release Information

Statement introduced before JUNOS Release 7.4.

Description

Define the Perfect Forward Secrecy (PFS) protocol. Create single-use keys.

Options

keys—Type of Diffie-Hellman prime modulus group that IKE uses when performing the new Diffie-Hellman exchange.

The key can be one of the following:

  • group1—768-bit.
  • group2—1024-bit.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.


Published: 2010-04-26