[
Contents]
[
Prev]
[
Next]
[
Index]
[
Report an Error]
proposal-set
See the following sections:
proposal-set (IKE)
Syntax
- proposal-set <basic |
compatible | standard>;
Hierarchy Level
- [edit security ike policy policy-name ]
Release Information
Statement introduced in Release 8.5
of JUNOS software.
Description
Specify a set of default Internet Key
Exchange (IKE) proposals.
This statement is
supported on J-series and SRX-series devices.
Options
-
basic—Basic
set of two IKE proposals:
- Proposal 1—Preshared key, Data Encryption Standard
(DES) encryption, and Diffie-Hellman Group 1 and Secure Hash Algorithm
1 (SHA-1) authentication.
- Proposal 2—Preshared key, DES encryption, and
Diffie-Hellman Group 1 and MD5 authentication.
-
compatible—Set of four commonly used IKE proposals:
- Proposal 1—Preshared key, triple DES (3DES)
encryption, and G2 and SHA-1 authentication.
- Proposal 2—Preshared key, 3DES, and Diffie-Hellman
Group 2 and MD5 authentication.
- Proposal 3—Preshared key, DES encryption, and
Diffie-Hellman Group 2 and SHA-1 authentication.
- Proposal 4—Preshared key, DES encryption, and
Diffie-Hellman Group 2 and MD5 authentication.
-
standard—Standard set of two set of IKE proposals:
- Proposal 1— Preshared key, 3DES encryption,
and Diffie-Hellman Group 2 and SHA-1 authentication.
- Proposal 2—Preshared key, Advanced Encryption
Standard (AES) 128-bit encryption, and Diffie-Hellman Group 2 and
SHA-1 authentication.
Usage Guidelines
For configuration instructions and
examples, see the JUNOS Software Security Configuration
Guide.
Required Privilege Level
security—To view this statement
in the configuration.
security-control—To
add this statement to the configuration.
proposal-set (IPsec)
Syntax
- proposal-set <basic |
compatible | standard>;
Hierarchy Level
- [edit security ipsec policy policy-name ]
Release Information
Statement introduced in Release 8.5
of JUNOS software.
Description
Define a set of default IPsec proposals.
This statement is
supported on J-series and SRX-series devices.
Options
-
basic—Basic
set of two IPsec proposals:
- Proposal 1—Encapsulating Security Payload (ESP)
with no Perfect Forward Secrecy (PFS) security, triple Data Encryption
Standard (3DES) encryption, and secure Hash Algorithm (SHA-1) authentication.
- Proposal 2—ESP with no PFS security, 3DES encryption,
and MD5 authentication.
-
compatible—Set of four commonly used IKE proposals:
- Proposal 1—Preshared key, triple DES (3DES)
encryption, and G2 and SHA-1 authentication.
- Proposal 2—Preshared key, 3DES, and Diffie-Hellman
Group 2 and MD5 authentication.
- Proposal 3—Preshared key, DES encryption, and
Diffie-Hellman Group 2 and SHA-1 authentication.
- Proposal 4—Preshared key, DES encryption, and
Diffie-Hellman Group 2 and MD5 authentication.
-
standard—Standard set of two set of IKE proposals:
- Proposal 1— Preshared key, 3DES encryption,
and Diffie-Hellman Group 2 and SHA-1 authentication.
- Proposal 2—Preshared key, Advanced Encryption
Standard (AES) 128-bit encryption, and Diffie-Hellman Group 2 and
SHA-1 authentication.
Usage Guidelines
For configuration instructions and
examples, see the JUNOS Software Security Configuration
Guide.
Required Privilege Level
security—To view this statement
in the configuration.
security-control—To
add this statement to the configuration.
[
Contents]
[
Prev]
[
Next]
[
Index]
[
Report an Error]