Cisco Cisco ASR 5000
Context Configuration Mode Commands A-D
crypto ipsec transform-set ▀
Command Line Interface Reference, StarOS Release 18 ▄
2365
crypto ipsec transform-set
Configures transform-sets on the system and enters the Crypto IPSec Transform Set Configuration Mode.
Product
PDSN
PDIF
HA
GGSN
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration
configure > context context_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-ctx)#
Syntax
crypto ipsec transform-set transform_name [ ah { hmac { md5-96 | none | sha1-96 } { esp {
hmac { { md5-96 | sha1-96 } { cipher { 3des-cbc | aes-cbc-128 | aes-cbc-256 | des-cbc } }
| none } } } } ]
hmac { { md5-96 | sha1-96 } { cipher { 3des-cbc | aes-cbc-128 | aes-cbc-256 | des-cbc } }
| none } } } } ]
no crypto ipsec transform-set transform_name
no
Removes a previously configured transform set
transform_name
Specifies the name of the transform set as an alphanumeric string of 1 through 127 characters that is case
sensitive.
sensitive.
ah hmac
Configures the Authentication Header (AH) hash message authentication codes (HMAC) parameter for the
transform set to one of the following:
transform set to one of the following:
md5-96
:Message Digest 5 truncated to 96 bits
sha1-96
:Secure Hash Algorithm-1 truncated to 96 bits
esp hmac
Configures the Encapsulating Security Payload (ESP) hash message authentication codes (HMAC) parameter
for the transform set to one of the following:
for the transform set to one of the following:
md5-96
:Message Digest 5 truncated to 96 bits
none
: Disables the use of the AH protocol for the transform set.
sha1-96
:Secure Hash Algorithm-1 truncated to 96 bits