Cisco Cisco Packet Data Gateway (PDG)
IPSec Reference, StarOS Release 17 ▄
59
Chapter 4
Transform Set Configuration
This chapter describes how to configure IPSec transform sets.
A transform set is a combination of individual IPSec transforms designed to enact a specific security policy for traffic.
During the ISAKMP IPSec security association negotiation, the peers agree to use a particular transform set for
protecting a particular data flow. Transform sets combine the following IPSec factors:
During the ISAKMP IPSec security association negotiation, the peers agree to use a particular transform set for
protecting a particular data flow. Transform sets combine the following IPSec factors:
Mechanism for payload authentication—AH transform
Mechanism for payload encryption—ESP transform
IPSec mode (transport versus tunnel)
A transform set is a combination of an AH transform, plus an ESP transform, plus the IPSec mode (either tunnel or
transport mode).
transport mode).
The following topics are discussed: