Crypto Transform-Set Domain Ipsec - Cisco AJ732A - MDS 9134 Fabric Switch Command Reference Manual

Chapter 4 C Commands
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m

crypto transform-set domain ipsec

To create and configure IPsec transform sets, use the crypto transform-set domain ipsec command. To
delete an IPsec transform set, use the no form of the command.
Syntax Description set-name
esp-3des
esp-des
esp-aes-xcbc-mac
esp-md5-hmac
esp-sha1-hmac
esp-aes
128
256
ctr
Defaults
None.
The default mode of AES is CBC (Cyber Block Chaining).
Command Modes
Configuration mode.
Command History Release
2.0(x)
Usage Guidelines To use this command, IPsec must be enabled using the crypto ipsec enable command.
OL-18089-01, Cisco MDS NX-OS Release 4.x
crypto transform-set domain ipsec set-name {esp-3des | esp-des} [esp-aes-xcbc-mac |
esp-md5-hmac | esp-sha1-hmac]
crypto transform-set domain ipsec set-name esp-aes {128 | 256} [ctr {esp-aes-xcbc-mac |
esp-md5-hmac | esp-sha1-hmac} | esp-aes-xcbc-mac | esp-md5-hmac | esp-sha1-hmac]
crypto transform-set domain ipsec set-name{esp-3des | esp-des} [esp-aes-xcbc-mac |
esp-md5-hmac | esp-sha1-hmac]
crypto transform-set domain ipsec set-name esp-aes {128 | 256} [ctr {esp-aes-xcbc-mac |
esp-md5-hmac | esp-sha1-hmac} | esp-aes-xcbc-mac | esp-md5-hmac | esp-sha1-hmac]
Specifies the transform set name. Maximum length is 63 characters.
Specifies ESP transform using the 3DES cipher (128 bits).
Specifies ESP transform using the DES cipher (56 bits).
Specifies ESP transform using AES-XCBC-MAC authentication.
Specifies ESP transform using MD5-HMAC authentication.
Specifies ESP transform using SHA1-HMAC authentication
Specifies ESP transform using the AES cipher (128 or 256 bits).
Specifies ESP transform using AES 128-bit cipher.
Specifies ESP transform using AES 256-bit cipher.
Specifies AES in counter mode.
Modification
This command was introduced.
crypto transform-set domain ipsec
Cisco MDS 9000 Family Command Reference
4-149