Concept Guide

Table Of Contents
crypto dynamic-map
crypto dynamic-map <name> <priority>
disable
no ...
set pfs {group1|group2|group14|group19|group20}
set security-association lifetime kilobytes <kilobytes>
set security-association lifetime seconds <seconds>
set transform-set <name1> [<name2>] [<name3>] [<name4>]
version v1|v2
Description
This command configures a new or existing dynamic map.
Syntax
Parameter Description Range Default
<name>
Name of the map.
<priority>
Priority of the map. 1-10000 10000
no
Negates a configured parameter.
disable
Disables the dynamic map.
enable [bypass|secret] Enables the dynamic map using the
bypass or secret. Bypass prompts for
the enable mode login and pass-
word. Secret prompts for the enable
password.
set pfs
Enables Perfect Forward Secrecy
(PFS) mode. Use one of the
following:
l group1: 768-bit Diffie Hellman
prime modulus group.
l group2: 1024-bit Diffie
Hellman
l group14: 2048-bit Diffie
Hellman.
l group19: 256-bit random Diffie
Hellman ECP modulus group.
l group20: 384-bit random Diffie
Hellman ECP modulus group.
group1
set security-association lifetime
Configures the lifetime for the
security association (SA) in
seconds or kilobytes.
seconds <seconds>
Lifetime for the SA in seconds. 300-86400 7200
Dell Networking W-Series ArubaOS 6.5.x | Reference Guide crypto dynamic-map | 300