proposal (Services IKE)
Syntax
proposal proposal-name {
authentication-algorithm (md5 | sha1 | sha-256);
authentication-method (ecdsa-signatures-256 | ecdsa-signatures-384 | pre-shared-keys | rsa-signatures);
description description;
dh-group (group1 | group2 | group5 |group14 | group15 | group16 | group19 | group20 | group24);
encryption-algorithm algorithm;
lifetime-seconds seconds;
}
Description
Define an IKE proposal for a dynamic SA.
Note:
In Junos FIPS mode, ECDSA options of the authentication-method statement are not supported in Junos OS Release 17.3R1. Starting
in Junos OS Release 17.4R1, ECDSA is supported in Junos FIPS mode.
Options
proposal-name—IKE proposal name.
The remaining statements are explained separately.
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.