2154 CHAPTER 141: IKE CONFIGURATION COMMANDS
Description Use the authentication-method command to specify the authentication
method to be used by an IKE proposal.
Use the
undo authentication-method command to restore the default.
By default, an IKE proposal uses the pre-shared key authentication method.
Related command: ike proposal, display ike proposal.
Example # Specify that IKE proposal 10 uses the pre-shared key authentication method.
<Sysname> system-view
[Sysname] ike proposal 10
[Sysname-ike-proposal-10] authentication-method pre-share
certificate domain
Syntax certificate domain domain-name
undo certificate domain
View IKE Peer view
Parameter domain-name: Name of the PKI domain, a string of 1 to 15 characters.
Description Use the
certificate domain command to configure the PKI domain of the
certificate when IKE uses digital signature as the authentication mode.
Use the
undo certificate domain command to remove the configuration.
Related command: authentication-method on page 1721 and pki domain on page 2058.
Example # Configure the PKI domain as abcde for IKE negotiation.
<Sysname> system-view
[Sysname] ike peer peer
[Sysname-ike-peer-peer] certificate domain abcde
dh
Syntax dh { group1 | group2 | group5 | group14 }
undo dh
View IKE proposal view
Parameter group1: Uses the 768-bit Diffie-Hellman group for key negotiation in phase 1.
group2: Uses the 1024-bit Diffie-Hellman group for key negotiation in phase 1.
