Cisco Cisco Packet Data Gateway (PDG)
hmac
Configures the IPsec ESP integrity algorithm using a Hash-based Message Authentication Code (HMAC).
Product
ePDG
PDIF
SCM
Privilege
Security Administrator, Administrator
Command Modes
Exec > Global Configuration > Context Configuration > IPSec Transform Set Configuration
configure > context context_name > ipsec transform-set set_name
Entering the above command sequence results in the following prompt:
[
context_name
]
host_name
(config-context-vrf)#
Syntax Description
hmac { aes-xcbc-96 | md5-96 | none| null | sha1-96 | sha2-256-128 | sha2-384-192 | sha2-512-256 }
default hmac
default hmac
default hmac
Sets the default IPSec hashing algorithm to SHA1-96.
aes-xcbc-96
AES-XCBC-96 uses a 128-bit secret key and produces a 128-bit authenticator value.
md5-96
MD5-96 uses a 128-bit secret key and produces a 128-bit authenticator value.
none
Sets the IPsec hashing algorithm to none. Used with OpenSSL AEAD algorithms.
null
Configures the HMAC value to be null. The NULL encryption algorithm represents the optional use of applying
encryption within ESP. ESP can then be used to provide authentication and integrity without confidentiality.
encryption within ESP. ESP can then be used to provide authentication and integrity without confidentiality.
Command Line Interface Reference, Modes I - Q, StarOS Release 19
99
IPSec Transform Set Configuration Mode Commands
hmac