ipsec proposal

Function

The ipsec proposal command creates a security proposal and displays the security proposal view.

The undo ipsec proposal command deletes a security proposal.

By default, no security proposal is created.

Format

ipsec proposal proposal-name

undo ipsec proposal proposal-name

Parameters

Parameter	Description	Value
proposal-name	Specifies the name of a security proposal.	The value is a string of 1 to 15 case-sensitive characters. Except the question mark (?) and space. However, when quotation marks (") are used around the password, spaces are allowed in the password.

Parameter

Description

Value

proposal-name

Specifies the name of a security proposal.

The value is a string of 1 to 15 case-sensitive characters.

Except the question mark (?) and space. However, when quotation marks (") are used around the password, spaces are allowed in the password.

Views

System view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
ipsec	write

Usage Guidelines

Usage Scenario

A security proposal defines the security protocol and authentication or encryption algorithm. Therefore, run the ipsec proposal command to create a security proposal before configuring IPsec.

Follow-up Procedure

Configure the security protocol, authentication or encryption algorithm, and encapsulation mode.

Precautions

You cannot delete the security proposal applied on a Security Association (SA). However, you can apply the same proposal on different SAs. To delete a security proposal, run the undo proposal command to remove a security proposal from the SA.

Example

# Configure a security proposal named newprop1.

<HUAWEI> system-view
[~HUAWEI] ipsec proposal newprop1