Cisco Cisco Packet Data Interworking Function (PDIF)
IPSec Transform Set Configuration Mode Commands
▀ group
▄ Command Line Interface Reference, StarOS Release 17
6546
group
Configures the appropriate key exchange cryptographic strength and activate Perfect Forward Secrecy by applying a
Diffie-Hellman group.
Diffie-Hellman group.
Product
ePDG
PDIF
SCM
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > IPSec Transform Set Configuration
configure > context context_name > ipsec transform-set set_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-context-vrf)#
Syntax
group { 1 | 2 | 5 | 14 | none }
default group
default group
Configures the default crypto strength to be
none
and disables Perfect Forward Secrecy.
1
Configures crypto strength at the Group 1 level. Lowest security.
2
Configures crypto strength at the Group 2 level. Medium security.
5
Configures crypto strength at the Group 5 level. Higher security.
14
Configures crypto strength at the Group 14 level. Highest security.
none
Applies no group and disables Perfect Forward Secrecy. This is the default.
default
Sets the default Diffie-Hellman group algorithm to none. This also deactivates PFS.