Ike ipsec policies set pfs, Mgmt class, Input format – Efficient Networks 107-0001-000 User Manual
Page 374: Parameters, Example, Response, Ike ipsec policies set pfs -16
Chapter 12: IKE/IPsec Commands
Page 12-16
Efficient Networks
®
ike ipsec policies set pfs
Defines the pfs filtering parameter value for the policy. The pfs parameter specifies
the Perfect Forward Secrecy negotiation used for the connection.
If you specify 1 or 2, Perfect Forward Secrecy is performed using the specified Diffie-
Hellman group (1 or 2). If you specify none, then Perfect Forward Secrecy is not
required for this connection and no Diffie-Hellman group is used to encrypt the keys
during rekey. To read more about PFS, see “
IKE Management” on page 5-52.
Mgmt Class
Security (R/W)
Input Format
ike ipsec policies set pfs <1 | 2 | none >
Parameters
Example
Response
Command prompt.
1
Use Diffie-Hellman group 1 for the Perfect Forward Secrecy
negotiation.
2
Use Diffie-Hellman group 2 for the Perfect Forward Secrecy
negotiation.
none
Perfect Forward Secrecy negotiation is not required for this
connection.
a
a
ASCII string
Name of the IPsec policy to which the pfs parameter value is
added.
b
b
To see the policy names, use the
command.
-> ike ipsec policies set pfs 2 mypolicy