Manualshelf

Specifications

ManualsBrandsEfficient Networks ManualsComputer equipmentRouter family Command line interface
341342343344345346347348349350
Chapter 8. Command Reference 343
ProposalName Name of the IPsec proposal to which the AH authentication parameter is added. To see the
proposal names in use, use the ike ipsec proposals list command.
Example: ike ipsec proposals set ahauth sha1 myproposal
IKE IPSEC PROPOSALS SET ESPAUTH
Sets the proposal parameter that determines whether ESP message authentication is requested and, if it is
requested, the hash algorithm used.
For more information, see ESP and AH Security Protocols, on page 135 or IKE IPSec Proposal Commands, on
page 141.
One of the following:
MD5 Use ESP encapsulation and authenticate using hash algorithm Message Digest 5.
SHA1 Use ESP encapsulation and authenticate using hash algorithm Secure Hash Algorithm-1.
NONE No ESP encapsulation and no ESP message authentication. (If you select this option, the
encapsulation method must be requested by a set espenc or set ahauth command.)
ProposalName Name of the IPsec proposal to which the ESP authentication parameter is added. To see the
proposal names in use, use the ike ipsec proposals list command.
Example: ike ipsec proposals set espauth sha1 myproposal
IKE IPSEC PROPOSALS SET ESPENC
Sets the proposal parameter that determines whether ESP encryption is requested and, if it is requested, the
encryption method used.
For more information, see ESP and AH Security Protocols, on page 135 or IKE IPSec Proposal Commands, on
page 141.
One of the following:
DES Use ESP encapsulation and 56-bit encryption
3DES Use ESP encapsulation and 168-bit encryption (if 3DES is enabled in the router; see Soft-
ware Option Keys, on page 114.)
NULL No encryption, but use ESP encapsulation. Headers are inserted as though the data was
encrypted. This allows veriÞcation of the source, but sends the data in the clear, increasing
throughput.
NONE No encryption and no ESP encapsulation. (If you select this option, the encapsulation
method must be requested by a set espauth or set ahauth command.)
ProposalName Name of the IPsec proposal to which the ESP encryption parameter is added. To see the
proposal names in use, use the ike ipsec proposals list command.
ike ipsec proposals set espauth <MD5 | SHA1 | NONE> <ProposalName>
ike ipsec proposals set espenc <DES | 3DES | NULL | NONE> <ProposalName>