3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide
IKE Configuration 175
The system provides a default IKE proposal, which has the lowest priority and has
the default encryption algorithm, authentication algorithm, Diffie-Hellman group
ID, SA duration, and authentication method. The parameters needed by an IKE
proposal are as follows.
Selecting encryption algorithm
This configuration is used to specify an encryption algorithm used by an IKE
proposal.
Perform the following configuration in IKE proposal view.
By default, the 56-bit DES algorithm in CBC mode is adopted.
Selecting authentication method
This configuration is used to specify an authentication method used by an IKE
proposal.
IKE authentication has two algorithms: pre-share-key and PKI (rsa-signature).
The authentication key must be configured when using the authentication
method of pre-shared key. (Refer to the part of "Configuring pre-shared key")
Perform the following configuration in IKE proposal view.
By default, pre-share key algorithm is adopted.
Selecting authentication algorithm
This configuration is used to specify the authentication algorithm used by an IKE
proposal.
Perform the following configuration in IKE proposal view.
By default SHA-1 authentication algorithm is adopted.
Tab le 168 Select encryption algorithm
Operation Command
Select encryption algorithm encryption-algorithm { des-cbc | 3des-cbc }
Set the encryption algorithm to the default
value
undo encryption-algorithm
Tab le 169 Specify authentication method
Operation Command
Specify authentication method authentication-method { pre-share | rsa-signature }
Restore the authentication method
to the default value
undo authentication-method
Tab le 170 Select authentication algorithm
Operation Command
Select authentication algorithm authentication-algorithm { md5 | sha }
Set authentication algorithm to the default
value
undo authentication-algorithm