Cisco Cisco Packet Data Gateway (PDG)
IPSec Transform Set Configuration Mode Commands
▀ encryption
▄ Command Line Interface Reference, StarOS Release 18
6644
encryption
Configures the appropriate IPSec ESP encryption algorithm and encryption key length. AES-CBC-128 is the default.
Product
ePDG
PDIF
SCM
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > IPSec Transform Set Configuration
configure > context context_name > ipsec transform-set set_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-context-vrf)#
Syntax
encryption { 3des-cbc | aes-128-gcm-128 | aes-cbc-128 | aes-128-gcm-64 | aes-128-gcm-96 |
aes-256-gcm-128 | aes-256-gcm-64 | aes-256-gcm-96 | aes-cbc-256 | des-cbc | null }
aes-256-gcm-128 | aes-256-gcm-64 | aes-256-gcm-96 | aes-cbc-256 | des-cbc | null }
default encryption
3des-cbc
Data Encryption Standard Cipher Block Chaining encryption applied to the message three times using three
different cypher keys (triple DES).
different cypher keys (triple DES).
aes-128-gcm-128
IKEv2 Child Security Association IPsec ESP Algorithm is AES-GCM-128 with 128-bit ICV (Integrity Check
Value). HMAC algorithm with this encryption algorithm should be None.
Value). HMAC algorithm with this encryption algorithm should be None.
aes-128-gcm-64
IKEv2 Child SA (Security Association) IPsec ESP Algorithm is AES-GCM-128 with 64-bit ICV. HMAC
algorithm with this encryption algorithm should be None.
algorithm with this encryption algorithm should be None.
aes-128-gcm-96
IKEv2 Child SA IPsec ESP Algorithm to be AES-GCM-128 with 96-bit ICV. HMAC algorithm with this
encryption algorithm should be None.
encryption algorithm should be None.
aes-256-gcm-128
IKEv2 Child SA IPsec ESP Algorithm is AES-GCM-256 with 128-bit ICV. HMAC algorithm with this
encryption algorithm should be None.
encryption algorithm should be None.