An Internet Key Exhcnage (IKE) proposal defines a set of parameters used to establish a secure bidirectional connection across an untrusted medium, such as the Internet. IKE proposals defined in NetBox can be referenced by IKE policies, which are in turn employed by IPSec profiles.
Some platforms refer to IKE proposals as ISAKMP, which is a framework for authentication and key exchange which employs IKE.
The unique user-assigned name for the proposal.
The strategy employed for authenticating the IKE peer. Available options are listed below.
The protocol employed for data encryption. Options include DES, 3DES, and various flavors of AES.
The mechanism employed to ensure data integrity. Options include MD5 and SHA HMAC implementations. Specifying an authentication algorithm is optional, as some encryption algorithms (e.g. AES-GCM) provide authentication natively.
The maximum lifetime for the IKE security association (SA), in seconds.