< Home

ipsec proposal

Function

The ipsec proposal command creates an IPSec proposal and displays the IPSec proposal view.

The undo ipsec proposal command deletes an IPSec proposal.

By default, no IPSec proposal is configured.

Format

ipsec proposal proposal-name

undo ipsec proposal proposal-name

Parameters

Parameter

Description

Value

proposal-name

Specifies the name of an IPSec proposal.

The value is a string of 1 to 15 case-insensitive characters without question marks (?) or spaces. When double quotation marks are used around the string, spaces are allowed in the string.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

An IPSec proposal, part of an IPSec SA, defines security parameters for IPSec SA negotiation, including the security protocol, encryption and authentication algorithms, and encapsulation mode.

Follow-up Procedure

Run the proposal command to reference the IPSec proposal in an IPSec SA.

Precautions

Both ends of an IPSec tunnel must be configured with the same parameters.

You cannot delete the security proposal applied on a Security Association (SA). However, you can apply the same proposal on different SA's. To delete a security proposal, run the undo proposal command to remove a security proposal from the SA.

Example

# Create an IPSec proposal newprop1.

<HUAWEI> system-view
[HUAWEI] ipsec proposal newprop1
[HUAWEI-ipsec-proposal-newprop1]
Parent Topic: IPSec Configuration Commands (IPSec Encryption)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >