R3166-R3206-HP High-End Firewalls VPN Command Reference-6PW101

encryption-algorithm

Syntax

encryption-algorithm { 3des-cbc | aes-cbc [ key-length ] | des-cbc }

undo encryption-algorithm

View

IKE proposal view

Default level

2: System level

Parameters

3des-cbc: Uses the 3DES algorithm in CBC mode as the encryption algorithm. The 3DES algorithm uses

168-bit keys for encryption.

aes-cbc: Uses the AES algorithm in CBC mode as the encryption algorithm. The AES algorithm uses

128-bit, 192-bit, or 256-bit keys for encryption.

key-length: Key length for the AES algorithm, which can be 128, 192 or 256 bits and is defaulted to 128

bits.

des-cbc: Uses the DES algorithm in CBC mode as the encryption algorithm. The DES algorithm uses

56-bit keys for encryption.

Description

Use the encryption-algorithm command to specify an encryption algorithm for an IKE proposal.

Use the undo encryption-algorithm command to restore the default.

By default, an IKE proposal uses the 56-bit DES encryption algorithm in CBC mode.

Related commands: ike proposal and display ike proposal.

Examples

# Use 56-bit DES in CBC mode as the encryption algorithm for IKE proposal 10.

<Sysname> system-view

[Sysname] ike proposal 10

[Sysname-ike-proposal-10] encryption-algorithm des-cbc

exchange-mode

Syntax

exchange-mode { aggressive | main }

undo exchange-mode

View

IKE peer view

Default level

2: System level

Parameters

aggressive: Aggressive mode.