Esp Encryption-Algorithm - H3C MSR Series Command Reference Manual

<Sysname> system-view
[Sysname] ipsec transform-set tran1
[Sysname-ipsec-transform-set-tran1] esp authentication-algorithm sha1
Related commands
ipsec transform-set

esp encryption-algorithm

Use esp encryption-algorithm to specify encryption algorithms for ESP.
Use undo esp encryption-algorithm to restore the default.
Syntax
In non-FIPS mode:
esp encryption-algorithm { 3des-cbc | aes-cbc-128 | aes-cbc-192 | aes-cbc-256 | aes-ctr-128 |
aes-ctr-192 | aes-ctr-256 | camellia-cbc-128 | camellia-cbc-192 | camellia-cbc-256 | des-cbc |
gmac-128 | gmac-192 | gmac-256 | gcm-128 | gcm-192 | gcm-256 | null | sm1-cbc-128 |
sm1-cbc-192 | sm1-cbc-256 | sm4-cbc } *
undo esp encryption-algorithm
In FIPS mode:
esp encryption-algorithm { aes-cbc-128 | aes-cbc-192 | aes-cbc-256 | aes-ctr-128 | aes-ctr-192
| aes-ctr-256 | gmac-128 | gmac-192 | gmac-256 | gcm-128 | gcm-192 | gcm-256 }*
undo esp encryption-algorithm
Default
ESP does not use any encryption algorithms.
Views
IPsec transform set view
Predefined user roles
network-admin
Parameters
3des-cbc: Uses the 3DES algorithm in CBC mode, which uses a 168-bit key.
aes-cbc-128: Uses the AES algorithm in CBC mode, which uses a 128-bit key.
aes-cbc-192: Uses the AES algorithm in CBC mode, which uses a 192-bit key.
aes-cbc-256: Uses the AES algorithm in CBC mode, which uses a 256-bit key.
aes-ctr-128: Uses the AES algorithm in CTR mode, which uses a 128-bit key. This keyword is
available only for IKEv2.
aes-ctr-192: Uses the AES algorithm in CTR mode, which uses a 192-bit key. This keyword is
available only for IKEv2.
aes-ctr-256: Uses the AES algorithm in CTR mode, which uses a 256-bit key. This keyword is
available only for IKEv2.
camellia-cbc-128: Uses the Camellia algorithm in CBC mode, which uses a 128-bit key. This
keyword is available only for IKEv2.
camellia-cbc-192: Uses the Camellia algorithm in CBC mode, which uses a 192-bit key. This
keyword is available only for IKEv2.
532