ike-proposal

Function

The ike-proposal command configures an IKE proposal for an IKE peer.

The undo ike-proposal command cancels the configuration.

By default, an IKE peer does not reference an IKE proposal.

ike-proposal proposal-number

undo ike-proposal

Parameter	Description	Value
proposal-number	Specifies the number of the IKE proposal to be used. A smaller value indicates a higher priority.	USG6510E/6510E-POE: The value is an integer that ranges from 1 to 100. USG6530E: The value is an integer that ranges from 1 to 100. USG6515E: The value is an integer that ranges from 1 to 512. USG6525E: The value is an integer that ranges from 1 to 512. USG6550E/6560E/6580E: The value is an integer that ranges from 1 to 512. USG6555E/6565E/6575E-B/6585E/6605E-B: The value is an integer that ranges from 1 to 512. USG6615E/6625E: The value is an integer that ranges from 1 to 1024. USG6635E/6655E: The value is an integer that ranges from 1 to 1024. USG6630E: The value is an integer that ranges from 1 to 1024. USG6650E: The value is an integer that ranges from 1 to 1024. USG6680E: The value is an integer that ranges from 1 to 1024. USG6712E/6716E: The value is an integer that ranges from 1 to 1024.

IKE peer view

2: Configuration level

Configure an IKE proposal using the ike proposal command before using this command.

IKE proposal negotiation complies with the following principles:

If a configured IKE proposal is referenced in the IKE peer view, only the referenced proposal is sent during IKE negotiation, and the responder searches its IKE proposals for a match. If no match is found, the negotiation fails.
If no IKE proposal is referenced in the IKE peer view (for example, pre-shared and certificate authentication modes are both supported), within the device specifications, a maximum 255 IKE proposals can be carried for IKE negotiation. The responder searches its IKE proposals for a match.

# Configure IKE peer peer1 to reference an IKE proposal 10.

[sysname] ike peer peer1
[sysname-ike-peer-peer1] ike-proposal 10