Filter
Top Products
25-14
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 25 Configuring IKE and IPsec Policies
Understanding IKE
Tip Unlike IKEv1, you do not specify the authentication method in the IKE proposal. For more information
on how to configure the authentication method in IKEv2, see Deciding Which Authentication Method
to Use, page 25-8.
Navigation Path
Select Manage > Policy Objects, then select IKE Proposals > IKEv2 Proposals from the Object Type
Selector. Right-click inside the work area, then select New Object or right-click a row, then select Edit
Object.
Tip You can also access this dialog box when configuring the IKE Proposal policy as explained in
Configuring an IKE Proposal, page 25-9.
Related Topics
• Configuring IKEv1 Proposal Policy Objects, page 25-10
• Creating Policy Objects, page 6-9
• Policy Object Manager, page 6-4
• Configuring IPSec IKEv1 or IKEv2 Transform Set Policy Objects, page 25-25
Field Reference
Table 25-2 IKEv2 Proposal Dialog Box
Element Description
Name The name of the policy object. A maximum of 128 characters is
allowed.
Description A description of the policy object. A maximum of 1024 characters is
allowed.
Priority The priority value of the IKE proposal. The priority value determines
the order of the IKE proposals compared by the two negotiating peers
when attempting to find a common security association (SA). If the
remote IPsec peer does not support the parameters selected in your first
priority policy, the device tries to use the parameters defined in the
policy with the next lowest priority number.
Valid values range from 1 to 65535. The lower the number, the higher
the priority. If you leave this field blank, Security Manager assigns the
lowest unassigned value starting with 1, then 5, then continuing in
increments of 5.