Cisco Cisco Packet Data Gateway (PDG)
group
Configures the appropriate key exchange cryptographic strength by applying a Diffie-Hellman group. Default
is Group 2.
is Group 2.
Product
ePDG
PDIF
Privilege
Security Administrator, Administrator
Command Modes
Exec > Global Configuration > Context Configuration > IKEv2 Security Association Configuration
configure > context context_name > ikev2-ikesa transform-set set_name
Entering the above command sequence results in the following prompt:
[
context_name
]
host_name
(cfg-ctx-ikev2ikesa-tran-set)#
Syntax Description
group { 1 | 2 | 5 | 14 }
default group
default group
1
Configures crypto strength at the Group 1 level. Lowest security.
2
Configures crypto strength at the Group 2 (default) level. Medium security.
This is the default setting for this command.
5
Configures crypto strength at the Group 5 level. Higher security.
14
Configures crypto strength at the Group 14 level. Highest security
Usage Guidelines
Diffie-Hellman groups are used to determine the length of the base prime numbers used during the key
exchange process in IKEv2. The cryptographic strength of any key derived depends, in part, on the strength
of the Diffie-Hellman group upon which the prime numbers are based.
exchange process in IKEv2. The cryptographic strength of any key derived depends, in part, on the strength
of the Diffie-Hellman group upon which the prime numbers are based.
Command Line Interface Reference, Modes I - Q, StarOS Release 19
17
IKEv2 Security Association Configuration Mode Commands
group