Security and authentication
9.3 IPsec VPN
SCALANCE S615 Command Line Interface
402 Configuration Manual, 06/2015, C79000-G8976-C406-02
You disable the use of the default list with the no default-ciphers command.
esp-keyderivation
Description
With this command, you configure the required Diffie-Hellmann group (DH) from which a key
will be generated.
● The default list is not used.
● You are in the IPSEC PHASE configuration mode.
The command prompt is as follows:
cli(config-conn-phs2)#
Call up the command with the following parameters:
esp-keyderivation {none|dhgroup <1|2|5|14|15|16|17|18>}
The parameters have the following meaning:
No keys are exchanged and
Perfect Forward Secrecy (PFS)
-
Diffie-Hellmann group (DH) Specify the required Diffie-Hellmann
group (DH).
• 1
•
2
•
5
•
14
•
15
•
16
•
17
•
The Diffie-Hellmann group (DH) is configured.
To Next Page
Loading...
