F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Command Reference-6PW100
47
ike proposal
Use ike proposal to create an IKE proposal and enter IKE proposal view.
Use undo ike proposal to delete an IKE proposal.
Syntax
ike proposal proposal-number
undo ike proposal proposal-number
Views
System view
Default command level
2: System level
Parameters
proposal-number: IKE proposal number, in the range 1 to 65535. The lower the number, the higher the
priority of the IKE proposal. During IKE negotiation, a high priority IKE proposal is matched before a low
priority IKE proposal.
Usage guidelines
The system provides a default IKE proposal, which has the lowest priority and uses these settings:
• Encryption algorithm DES-CBC
• Authentication algorithm HMAC-SHA1
• Authentication method Pre-shared key
• DH group MODP_768
• SA lifetime 86400 seconds
Examples
# Create IKE proposal 10 and enter IKE proposal view.
<Sysname> system-view
[Sysname] ike proposal 10
[Sysname-ike-proposal-10]
Related commands
display ike proposal
ike sa keepalive-timer interval
Use ike sa keepalive-timer interval to set the ISAKMP SA keepalive interval.
Use undo ike sa keepalive-timer interval to disable the ISAKMP SA keepalive transmission function.
Syntax
ike sa keepalive-timer interval seconds
undo ike sa keepalive-timer interval
Default
No keepalive packet is sent.