EasyManuals Logo
Home>Cisco>Switch>MDS 9000 Series

Cisco MDS 9000 Series Command Reference

Cisco MDS 9000 Series
1464 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #269 background imageLoading...
Page #269 background image
Send documentation comments to mdsfeedback-doc@cisco.com
4-131
Cisco MDS 9000 Family Command Reference
OL-8413-07, Cisco MDS SAN-OS Release 3.x
Chapter 4 C Commands
crypto transform-set domain ipsec
crypto transform-set domain ipsec
To create and configure IPsec transform sets, use the crypto transform-set domain ipsec command. To
delete an IPsec transform set, use the no form of the command.
crypto transform-set domain ipsec set-name {esp-3des | esp-des} [esp-aes-xcbc-mac |
esp-md5-hmac | esp-sha1-hmac]
crypto transform-set domain ipsec set-name esp-aes {128 | 256} [ctr {esp-aes-xcbc-mac |
esp-md5-hmac | esp-sha1-hmac} | esp-aes-xcbc-mac | esp-md5-hmac | esp-sha1-hmac]
crypto transform-set domain ipsec set-name [{esp-3des | esp-des} [esp-aes-xcbc-mac |
esp-md5-hmac | esp-sha1-hmac]]
crypto transform-set domain ipsec set-name esp-aes [{128 | 256} [ctr {esp-aes-xcbc-mac |
esp-md5-hmac | esp-sha1-hmac} | esp-aes-xcbc-mac | esp-md5-hmac | esp-sha1-hmac]]
Syntax Description
Defaults None.
The default mode of AES is CBC (Cyber Block Chaining).
Command Modes Configuration mode.
Command History
Usage Guidelines To use this command, IPsec must be enabled using the crypto ipsec enable command.
You can use this command to modify existing IPsec transform sets. If you change a transform set
definition, the change is only applied to crypto map entries that reference the transform set. The change
is not applied to existing security associations, but used in subsequent negotiations to establish new
security associations. If you want the new settings to take effect sooner, you can clear all or part of the
security association database using the clear crypto sa domain ipsec
command.
set-name Specifies the transform set name. Maximum length is 63 characters.
esp-3des Specifies ESP transform using the 3DES cipher (128 bits).
esp-des Specifies ESP transform using the DES cipher (56 bits).
esp-aes-xcbc-mac Specifies ESP transform using AES-XCBC-MAC authentication.
esp-md5-hmac Specifies ESP transform using MD5-HMAC authentication.
esp-sha1-hmac Specifies ESP transform using SHA1-HMAC authentication
esp-aes Specifies ESP transform using the AES cipher (128 or 256 bits).
128 Specifies ESP transform using AES 128-bit cipher.
256 Specifies ESP transform using AES 256-bit cipher.
ctr Specifies AES in counter mode.
Release Modification
2.0(x) This command was introduced.

Table of Contents

Other manuals for Cisco MDS 9000 Series

Preview: Manual
Manual16 pages
Preview: Configuration Guide
Configuration Guide344 pages
Preview: Troubleshooting Guide
Troubleshooting Guide161 pages
Preview: Rack Installation
Rack Installation8 pages
Preview: Installing
Installing22 pages
Preview: Hardware Installation Guide
Hardware Installation Guide62 pages
Preview: Installation Guide
Installation Guide20 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco MDS 9000 Series and is the answer not in the manual?

Cisco MDS 9000 Series Specifications

General IconGeneral
BrandCisco
ModelMDS 9000 Series
CategorySwitch
LanguageEnglish

Related product manuals