2161
Related command: ike proposal and display ike proposal.
Example # Use 56-bit DES in CBC mode as the encryption algorithm for IKE proposal 10.
<Sysname> system-view
[Sysname] ike proposal 10
[Sysname-ike-proposal-10] encryption-algorithm des-cbc
exchange-mode
Syntax exchange-mode { aggressive | main }
undo exchange-mode
View IKE Peer view
Parameter aggressive: Aggressive mode
main: Main mode.
Description Use the
exchange-mode command to select an IKE negotiation mode.
Use the undo exchange-mode command to restore the default.
By default, main mode is used.
Note that if the user at one end of an IPSec tunnel obtains IP address automatically
(for example, a dial-up user), IKE negotiation mode must be set to aggressive. In
this case, an SA can be created as long as the username and password are correct.
Related command: id-type.
Example # Specify that IKE negotiation works in main mode.
<Sysname> system-view
[Sysname] ike peer peer1
[Sysname-ike-peer-peer1] exchange-mode main
id-type
Syntax id-type { ip | name }
undo id-type
View IKE Peer view
Parameter ip: Uses an IP address as the ID in IKE negotiation.
name: Uses a name as the ID in IKE negotiation.
