dh

Syntax

dh { group2 | group5 | group14 }

undo dh

View

IKE proposal view

Default level

2: System level

Parameters

group2: Uses the 1024-bit Diffie-Hellman group for key negotiation in phase 1.

group5: Uses the 1536-bit Diffie-Hellman group for key negotiation in phase 1.

group14: Uses the 2048-bit Diffie-Hellman group for key negotiation in phase 1.

Description

Use the dh command to specify the DH group to be used in key negotiation phase 1 for an IKE proposal.

Use the undo dh command to restore the default.

By default, group2, the 1024-bit Diffie-Hellman group, is used.

Related commands: ike proposal and display ike proposal.

Examples

# Specify 1536-bit Diffie-Hellman for IKE proposal 10.

<Sysname> system-view
[Sysname] ike proposal 10
[Sysname-ike-proposal-10] dh group5