Configuring an IPSec Proposal
An IPSec proposal lists protocols and algorithms (security services) to be negotiated with the remote IPSec peer. To configure an IPSec proposal, include the proposal statement:
[edit security ipsec] proposal ike-proposal-name { authentication-algorithm (md5 | sha1); authentication-method pre-shared-keys; dh-group (group1 | group2); encryption-algorithm (3des-cbc | des-cbc); lifetime-seconds seconds; }
To configure an IPSec authentication algorithm, include the authentication-algorithm statement. The authentication algorithm can be one of the following:
hmac-md5-96— Hash algorithm that authenticates packet data, producing a 128-bit digest
hmac-sha1-96— Hash algorithm that authenticates packet data, producing a 160-bit ...
Get Juniper Networks® Field Guide and Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.