Cisco Cisco Packet Data Gateway (PDG)
encryption
Configures the appropriate IPSec ESP encryption algorithm and encryption key length. AES-CBC-128 is the
default.
default.
Product
ePDG
PDIF
SCM
Privilege
Security Administrator, Administrator
Command Modes
Exec > Global Configuration > Context Configuration > IPSec Transform Set Configuration
configure > context context_name > ipsec transform-set set_name
Entering the above command sequence results in the following prompt:
[
context_name
]
host_name
(config-context-vrf)#
Syntax Description
encryption { 3des-cbc | aes-128-gcm-128 | aes-cbc-128 | aes-128-gcm-64 | aes-128-gcm-96 |
aes-256-gcm-128 | aes-256-gcm-64 | aes-256-gcm-96 | aes-cbc-256 | des-cbc | null }
default encryption
aes-256-gcm-128 | aes-256-gcm-64 | aes-256-gcm-96 | aes-cbc-256 | des-cbc | null }
default encryption
3des-cbc
Data Encryption Standard Cipher Block Chaining encryption applied to the message three times using three
different cypher keys (triple DES).
different cypher keys (triple DES).
aes-128-gcm-128
IKEv2 Child Security Association IPsec ESP Algorithm is AES-GCM-128 with 128-bit ICV (Integrity Check
Value). HMAC algorithm with this encryption algorithm should be None.
Value). HMAC algorithm with this encryption algorithm should be None.
aes-128-gcm-64
IKEv2 Child SA (Security Association) IPsec ESP Algorithm is AES-GCM-128 with 64-bit ICV. HMAC
algorithm with this encryption algorithm should be None.
algorithm with this encryption algorithm should be None.
aes-128-gcm-96
IKEv2 Child SA IPsec ESP Algorithm to be AES-GCM-128 with 96-bit ICV. HMAC algorithm with this
encryption algorithm should be None.
encryption algorithm should be None.
Command Line Interface Reference, Modes I - Q, StarOS Release 19
90
IPSec Transform Set Configuration Mode Commands
encryption