GatewayIpSecVpnTunnelIkeConfig

GatewayIpSecVpnTunnelIkeConfig
GatewayIpSecVpnTunnelIkeConfig

This configuration captures the IKE and phase one negotiation parameters. This configuration can be set for peering properly with remote peers.

JSON Example
{
    "ikeVersion": "string",
    "dhGroups": [
        "string"
    ],
    "digestAlgorithms": [
        "string"
    ],
    "encryptionAlgorithms": [
        "string"
    ],
    "saLifeTime": 0
}
string
ikeVersion
Required

IKE Protocol Version to use. The default is IKE_V2. Below are valid values.

  • IKE_V1
  • IKE_V2
  • IKE_FLEX
array of string
dhGroups
Required

The list of Diffie-Helman groups to be used is PFS is active. Default is GROUP14. Below are valid values.

  • GROUP2
  • GROUP5
  • GROUP14
  • GROUP15
  • GROUP16
  • GROUP19
  • GROUP20
  • GROUP21
array of string
digestAlgorithms
Optional

The list of Digest algorithms for IKE. This is used during IKE negotiation. Default is SHA2_256. Below are valid values.

  • SHA1
  • SHA2_256
  • SHA2_384
  • SHA2_512
array of string
encryptionAlgorithms
Required

The list of Encryption algorithms for IKE. This is used during IKE negotiation. Default is AES_128. Below are valid values.

  • AES_128
  • AES_256
  • AES_GCM_128
  • AES_GCM_192
  • SHA2_512
  • NO_ENCRYPTION_AUTH_AES_GMAC_128
  • NO_ENCRYPTION_AUTH_AES_GMAC_192
  • NO_ENCRYPTION_AUTH_AES_GMAC_256
  • NO_ENCRYPTION
integer
saLifeTime
Optional

The Security Association life time in seconds. Default is 86400 seconds (1 day).

Availability
Added in 38.1