Cisco Cisco Packet Data Gateway (PDG)
IPSec Transform Set Configuration Mode Commands
▀ encryption
▄ Command Line Interface Reference, StarOS Release 17
6540
encryption
Configures the appropriate IPSec ESP encryption algorithm and encryption key length. AES-CBC-128 is the default.
Product
ePDG
PDIF
SCM
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > IPSec Transform Set Configuration
configure > context context_name > ipsec transform-set set_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-context-vrf)#
Syntax
encryption { 3des-cbc | aes-cbc-256 | des-cbc | null }
default encryption
3des-cbc
Data Encryption Standard Cipher Block Chaining encryption applied to the message three times using three
different cypher keys (triple DES).
different cypher keys (triple DES).
aes-cbc-128
Advanced Encryption Standard Cipher Block Chaining with a key length of 128 bits. This is the default
setting for this command.
setting for this command.
aes-cbc-256
Advanced Encryption Standard Cipher Block Chaining with a key length of 256 bits.
des-cbc
Data Encryption Standard Cipher Block Chaining. Encryption using a 56-bit key size. Relatively insecure.
null
The NULL encryption algorithm represents the optional use of applying encryption within ESP. ESP can then
be used to provide authentication and integrity without confidentiality.
be used to provide authentication and integrity without confidentiality.
default
Sets the default IPSec ESP algorithm to AES-CBC-128.