# IPSEC

Everything related to IPsec tunnel from creation to diagnostic

# Groupe Diffie-Hellman (DH)

Here are bits information for every DH group

##### MODP

- 1 (768 bits)
- 2 (1024 bits)
- 5 (1536 bits)
- 14 (2048 bits)
- 15 (3072 bits)

##### ECP

- 19 (256 bits random)
- 20 (384 bits random)

# Diagnose

Use these command to diagnose an IPsec tunnel

```
diagnose vpn ike log filter name <tunnel name>
diagnose debug application ike -1
diagnose debug enable
```

# Creation

Use these command to create a new tunnel

```bash
config vpn ipsec phase1-interface
edit "new_name"
end
```