197
pfs dh-group14
undo pfs
New syntax
In non-FIPS mode:
pfs { dh-group1 | dh-group2 | dh-group5 | dh-group14 | dh-group24 | dh-group19 |
dh-group20 }
undo pfs
In FIPS mode:
pfs { dh-group14 | dh-group19 | dh-group20 }
undo pfs
Views
IPsec transform set view
Change description
The following keywords were added:
dh-group19: Uses 256-bit ECP Diffie-Hellman group. This keyword is available only for IKEv2.
dh-group20: Uses 384-bit ECP Diffie-Hellman group. This keyword is available only for IKEv2.
New command: tfc enable
Use tfc enable to enable the Traffic Flow Confidentiality (TFC) padding feature.
Use undo tfc enable to disable TFC padding.
Syntax
tfc enable
undo tfc enable
Default
TFC padding is disabled.
Views
IPsec policy view
IPsec policy template view
Predefined user roles
network-admin
Usage guidelines
The TFC padding feature can hide the length of the original packet and might affect the packet
encapsulation and de-encapsulation performance. This feature takes effect on UDP packets
To Next Page
Loading...
Need help?
General
