crypto ipsec transform-set
Create a transform set, or combination of security algorithms and protocols, of cryptos.
C9000 Series
Syntax
crypto ipsec transform-set name {ah-authentication {md5|sha1|null}
| esp-authentication {md5|sha1|null} | esp-encryption {3des|cbc|
des|null}}
To delete a transform set, use the no crypto ipsec transform-set name {ah-
authentication {md5|sha1|null} | esp-authentication {md5|sha1|
null} | esp-encryption {3des|cbc|des|null}} command.
Parameters
name
ah-authentication
esp-
authentication
esp-encryption
Enter the name for the transform set.
Enter the keywords ah-authentication then the transform
type of operation to apply to traffic. The transform type
represents the encryption or authentication applied to traffic.
•
md5 — Use Message Digest 5 (MD5) authentication.
•
sha1 — Use Secure Hash Algorithm 1 (SHA-1)
authentication.
•
null — Causes an encryption policy configured for the area
to not be inherited on the interface.
Enter the keywords esp-authentication then the transform
type of operation to apply to traffic. The transform type
represents the encryption or authentication applied to traffic.
•
md5 — Use Message Digest 5 (MD5) authentication.
•
sha1 — Use Secure Hash Algorithm 1 (SHA-1)
authentication.
•
null — Causes an encryption policy configured for the area
to not be inherited on the interface.
Enter the keywords esp-encryption then the transform type
of operation to apply to traffic. The transform type represents
the encryption or authentication applied to traffic.
•
3des — Use 3DES encryption.
•
cbc — Use CDC encryption.
•
des — Use DES encryption.
Internet Protocol Security (IPSec)
1156