Examples
# Configure the IPsec transform set tran1 to use HMAC-SHA1 algorithm as the ESP authentication
algorithm.
<Sysname> system-view
[Sysname] ipsec transform-set tran1
[Sysname-ipsec-transform-set-tran1] esp authentication-algorithm sha1
Related commands
ipsec transform-set
esp encryption-algorithm
Use esp encryption-algorithm to specify encryption algorithms for ESP.
Use undo esp encryption-algorithm to remove all encryption algorithms specified for ESP.
Syntax
In non-FIPS mode:
esp encryption-algorithm { 3des-cbc | aes-cbc-128 | aes-cbc-192 | aes-cbc-256 | des-cbc | null } *
undo encryption-algorithm
In FIPS mode:
esp encryption-algorithm { aes-cbc-128 | aes-cbc-192 | aes-cbc-256 }*
undo encryption-algorithm
Default
ESP does not use any encryption algorithms.
Views
IPsec transform set view
Predefined user roles
network-admin
Parameters
3des-cbc: Uses the 3DES algorithm in CBC mode, which uses a 168-bit key.
aes-cbc-128: Uses the AES algorithm in CBC mode, which uses a 128- bit key.
aes-cbc-192: Uses AES algorithm in CBC mode, which uses a 192-bit key.
aes-cbc-256: Uses AES algorithm in CBC mode, which uses a 256-bit key.
des-cbc: Uses the DES algorithm in CBC mode, which uses a 64-bit key.
null: Uses the NULL algorithm, which means encryption is not performed.
334
To Next Page
Loading...
Need help?
General
