Product specifications

Efficient Networks
®
Router family
Technical Reference Guide
Chapter 5: System Security
Efficient Networks
®
Page 5-59
Defines the name of a new IKE IPSec proposal.
-> ike ipsec proposals add <proposalname>
Defines the name of a new IKE IPSec proposal.
-> ike ipsec proposals delete <proposalname>
Deletes an existing IKE IPSec proposal.
-> ike ipsec proposals list
Lists the IKE IPSec proposals.
The followings proposals set commands specify the contents of the proposals
exchanged.
NOTE:
The next three commands (set espenc, set espauth, and set ahauth) determine the
encapsulation method (AH or ESP) used and the authentication and/or encryption
requested by the proposal.
You cannot request both AH and ESP encapsulation in the same proposal. (It is
possible for a connection to use two proposals, one that requests AH and the other
that requests ESP.)
In any one proposal, you can request any one of the following:
AH authentication
ESP encryption
ESP authentication
ESP encryption and authentication
-> ike ipsec proposals set espenc <des | 3des | null | none>
<proposalname>
Determines whether ESP encryption is requested and, if it is requested, the encryption
method used.
DES - Use ESP encapsulation and 56-bit encryption
3DES - Use ESP encapsulation and 168-bit encryption (if 3DES is enabled
in the router; see Software Option Keys.)
NULL - No encryption, but use ESP encapsulation. Headers are inserted as
though the data was encrypted. This allows verification of the source, but
sends the data in the clear, increasing throughput.
NONE - No encryption and no ESP encapsulation. (If you select this option,
the encapsulation method must be requested by a set espauth or set ahauth
command.)