Specifications
350 Chapter 8. Command Reference
One of the following:
DES Use DES (56-bit) encryption.
3DES Use 3DES (168-bit) encryption (if 3DES is enabled in the router; see Software Option Keys,
on page 114).
ProposalName Name of the IKE proposal to which the encryption parameter is added. To see the proposal
names in use, use the ike proposals list command.
Example: ike proposals set encryption des my_ike_proposal
IKE PROPOSALS SET LIFETIME
Sets the IKE proposal parameter that specifies the length of time (in seconds) before the Phase 1 SA expires; the
recommended value is 86400 (24 hours). When the time limit expires, IKE renegotiates the connection. See IKE
Management, on page 136.
seconds Maximum number of seconds before renegotiation; 0 means unlimited.
ProposalName Name of the IKE proposal to which the lifetime parameter is added. To see the proposal
names in use, use the ike proposals list command.
Example: ike proposals set lifetime 86400 my_ike_proposal
IKE PROPOSALS SET MESSAGE_AUTH
Sets the IKE proposal parameter that specifies the message authentication done. It can propose no message
authentication, or it can propose authentication using the hash algorithm Message Digest 5 (MD5) or Secure Hash
Algorithm-1 (SHA1).
One of the following:
NONE No authentication.
MD5 Authenticate using the MD5 algorithm.
SHA1 Authenticate using the SHA1 algorithm.
ProposalName Name of the IKE proposal to which the message authentication parameter is added. To see
the proposal names in use, use the ike proposals list command.
Example: ike proposals set message_auth md5 my_ike_proposal
IKE PROPOSALS SET SESSION_AUTH
Sets the IKE proposal parameter that specifies the session authentication; preshared key is currently the only
option. For more information on IKE proposals, see IKE Management, on page 136.
ike proposals set lifetime <seconds> <ProposalName>
ike proposals set message_auth <NONE | MD5 | SHA1> <ProposalName>
ike proposals set session_auth <PRESHARE> <ProposalName>