Manualshelf

R3721-F3210-F3171-HP High-End Firewalls VPN Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
41424344454647484950
36
dh
Syntax
dh { group1 | group2 | group5 | group14 }
undo dh
View
IKE proposal view
Default level
2: System level
Parameters
group1: Uses the 768-bit Diffie-Hellman group for key negotiation in phase 1. This keyword is not
available for the FIPS mode.
group2: Uses the 1024-bit Diffie-Hellman group for key negotiation in phase 1.
group5: Uses the 1536-bit Diffie-Hellman group for key negotiation in phase 1.
group14: Uses the 2048-bit Diffie-Hellman group for key negotiation in phase 1.
Description
Use dh to specify the DH group to be used in key negotiation phase 1 for an IKE proposal.
Use undo dh to restore the default.
By default, group1 is used. In FIPS mode, group2 is used.
Related commands: ike proposal and display ike proposal.
Examples
# Specify 768-bit Diffie-Hellman for IKE proposal 10.
<Sysname> system-view
[Sysname] ike proposal 10
[Sysname-ike-proposal-10] dh group1
display ike dpd
Syntax
display ike dpd [ dpd-name ] [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
dpd-name: DPD name, a string of 1 to 15 characters.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Getting Started Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.