Siemens RUGGEDCOM ROX II User Manual page 463

RUGGEDCOM ROX II
CLI User Guide
Section 12.8.8
Managing the Encapsulated Security Payload (ESP) Protocol
The Encapsulated Security Payload (ESP) employed by IPsec provides encryption and authentication, making sure
that messages originated from the expected sender have not been altered in transit.
CONTENTS
• Section 12.8.8.1, "Configuring ESP Encryption"
• Section 12.8.8.2, "Viewing a List of ESP Algorithms"
• Section 12.8.8.3, "Adding an ESP Algorithm"
• Section 12.8.8.4, "Deleting an ESP Algorithm"
Section 12.8.8.1
Configuring ESP Encryption
To configure the encryption algorithm for the Encapsulate Security Payload (ESP), do the following:
1. Make sure the CLI is in Configuration mode.
Navigate to tunnel » ipsec » connection » {connection} » esp, where {connection} is the name of the
2.
connection.
3. Configure the encryption algorithm by typing:
tunnel ipsec connection connection esp modpgroup modpgroup
Where:
• connection is the name of the connection.
• modpgroup is the Modular Exponential (MODP) group. Options include any, modp1024, modp1536,
modp2048, modp3072, modp4096, modp6144 and modp8192. The default is modp2048 depending on
the default connection setting. The option any selects the default.
4. If required, add additional cipher algorithms. For more information on how to add algorithms, refer to
Section 12.8.8.3, "Adding an ESP
Type commit and press Enter to save the changes, or type revert and press Enter to abort.
5.
Section 12.8.8.2
Viewing a List of ESP Algorithms
To view a list of algorithms for the Encapsulate Security Payload (ESP) protocol, type:
show running-config tunnel ipsec connection connection esp algorithm
Where:
• connection is the name of the connection
If algorithms have been configured, a table or list similar to the following example appears:
tunnel
ipsec
connection ipsec-12
Managing the Encapsulated Security Payload (ESP)
Protocol
Algorithm".
Chapter 12
Tunneling and VPNs
417