Adit 3000 Series and Multi-Service Router (MSR) Card CLI Referece Manual
14-6 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI
Configuration - IPSec Mode
group
Use the IPSec group command to define the Diffie-Hellman (DH) group identifier for phase-1.
Note: More than one group can be enabled. To disable a DH identifier, see no group command on
page 14-13.
Syntax: (config-ipsec {n})# group {1|2|5}
Example: (config-ipsec-1)# group 1
Supported Platforms:
Adit 3104, Adit 3200, Adit 3500, MSR
hash
Use the IPSec hash command to specify a hash algorithm. To disable a hash algorithm, see no hash
command on page 14-14.
Syntax: (config-ipsec {n})# hash {md5|sha}
Example: (config-ipsec-1)# hash md5
Supported Platforms:
Adit 3104, Adit 3200, Adit 3500, MSR
Field Definition
1 Set to DH group 1 (768 bit).
2 Set to DH group 2 (1024 bit). Default is enabled.
5 Set to DH group 25 (1536 bit). Default is enabled.
Field Definition
md5 Set to allow peers to use MD5.
sha Set to allow peers to use SHA1. SHA = Secure Hash Algorithm.