EasyManuals Logo
Home>Cisco>Switch>MDS 9000 Series

Cisco MDS 9000 Series Command Reference

Cisco MDS 9000 Series
1464 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #890 background imageLoading...
Page #890 background image
Send documentation comments to mdsfeedback-doc@cisco.com
21-22
Cisco MDS 9000 Family Command Reference
OL-8413-07, Cisco MDS SAN-OS Release 3.x
Chapter 21 S Commands
set (IPsec crypto map configuration submode)
set (IPsec crypto map configuration submode)
To configure attributes for IPsec crypto map entries, use the set command in IPsec crytpo map
configuration submode. To revert to the default values, use the no form of the command.
set {peer {ip-address | auto-peer} | pfs [group1 | group14 | group2 | group5] |
security-association lifetime {gigabytes number | kilobytes number | megabytes number |
seconds number} | transform-set {set-name | set-name-list}}
no set {peer {ip-address | auto-peer} | pfs | security-association lifetime {gigabytes | kilobytes |
megabytes | seconds} | transform-set}
Syntax Description
Defaults None.
PFS is disabled by default. When it is enabled without a group parameter, the default is group1.
The security association lifetime defaults to global setting configured by the crypto global domain
ipsec security-association lifetime command.
Command Modes IPsec crypto map configuration submode.
peer Specifies an allowed encryption/decryption peer.
ip-address Specifies a static IP address for the destination peer.
auto-peer Specifies automatic assignment of the address for the destination peer.
pfs Specifies the perfect forwarding secrecy.
group1 Specifies PFS DH Group1 (768-bit MODP).
group14 Specifies PFS DH Group14 (2048-bit MODP).
group2 Specifies PFS DH Group2 (1024-bit MODP).
group5 Specifies PFS DH Group5 (1536-bit MODP).
security-association
lifetime
Specifies the security association lifetime in traffic volume or time in
seconds.
gigabytes number Specifies a volume-based key duration in gigabytes. The range is 1 to 4095.
kilobytes number Specifies a volume-based key duration in kilobytes. The range is 2560 to
2147483647.
megabytes number Specifies a volume-based key duration in megabytes. The range is 3 to
4193280.
seconds number Specifies a time-based key duration in seconds. The range is 120 to 86400.
transform-set Configures the transform set name or set name list.
set-name Specifies a transform set name. Maximum length is 63 characters.
set-name-list Specifies a comma-separated transform set name list. Maximum length of
each name is 63 characters. You can specified a maximum of six lists.

Table of Contents

Other manuals for Cisco MDS 9000 Series

Preview: Manual
Manual16 pages
Preview: Configuration Guide
Configuration Guide344 pages
Preview: Troubleshooting Guide
Troubleshooting Guide161 pages
Preview: Rack Installation
Rack Installation8 pages
Preview: Installing
Installing22 pages
Preview: Hardware Installation Guide
Hardware Installation Guide62 pages
Preview: Installation Guide
Installation Guide20 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco MDS 9000 Series and is the answer not in the manual?

Cisco MDS 9000 Series Specifications

General IconGeneral
BrandCisco
ModelMDS 9000 Series
CategorySwitch
LanguageEnglish

Related product manuals