User guide
Chapter 5. Command Line Interface Reference 253
# ike ipsec proposals list
IKE IPSEC PROPOSALS:
myproposal
ESP encryption: 3DES
ESP authentication: SHA1
IPComp: None
Lifetime 600
Lifedata 50000
IKE IPSEC PROPOSALS SET AHAUTH
Sets the proposal parameter that determines whether AH message authentication is requested and, if it is
requested, the hash algorithm used.
Note: The proposal must select either the AH or ESP encapsulation methods. It cannot request AH authentication
if it requests ESP encryption and/or ESP authentication.
For more information, see ESP and AH Security Protocols, on page 120 or IKE IPSec Proposal Commands, on
page 125.
ike ipsec proposals set ahauth <MD5 | SHA1 | NONE> <ProposalName>
One of the following:
MD5 Use AH encapsulation and authenticate using hash algorithm Message Digest 5.
SHA1 Use AH encapsulation and authenticate using hash algorithm Secure Hash Algorithm-1.
NONE No AH encapsulation and no AH message authentication. (If you select this option, ESP
encapsulation must be requested by a set espenc or set espauth command.)
ProposalName Name of the IPsec proposal to which the AH authentication parameter is added. To see the
proposal names in use, use the ike ipsec proposals list command.
Example: ike ipsec proposals set ahauth sha1 myproposal
IKE IPSEC PROPOSALS SET ESPAUTH
Sets the proposal parameter that determines whether ESP message authentication is requested and, if it is
requested, the hash algorithm used.
For more information, see ESP and AH Security Protocols, on page 120 or IKE IPSec Proposal Commands, on
page 125.
ike ipsec proposals set espauth <MD5 | SHA1 | NONE> <ProposalName>
One of the following:
MD5 Use ESP encapsulation and authenticate using hash algorithm Message Digest 5.
SHA1 Use ESP encapsulation and authenticate using hash algorithm Secure Hash Algorithm-1.
NONE No ESP encapsulation and no ESP message authentication. (If you select this option, the
encapsulation method must be requested by a set espenc or set ahauth command.)