Brocade Communications Systems RFS4000 Cli Reference Manual page 239

Usage Guidelines
Follow the table to calculate how many character are required to add the key size for
authentication and encryption. This is used while configuring Manual IPSEC only.
For example, To create a key with authentication type as ESP-SHA and encryption type as
AES-192, enter 20+16=36 characters.
The key size for all the 3 different AES combinations is 128 bits or 16 bytes.
Follow the example below to see how the Auth and Encryption key is created in
crypto-ipsec
Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
53-1001931-01
instance and used in
RFController(config)#crypto ipsec transform-set Test1 ?
ah-md5-hmac AH-HMAC-MD5 transform
ah-sha-hmac AH-HMAC-SHA transform
esp-3des ESP transform using 3DES cipher (168 bits)
esp-aes ESP transform using AES cipher
esp-aes-192 ESP transform using AES cipher (192 bits)
esp-aes-256 ESP transform using AES cipher (256 bits)
esp-des ESP transform using DES cipher (56 bits)
esp-md5-hmac ESP transform using HMAC-MD5 auth
esp-sha-hmac ESP transform using HMAC-SHA auth
RFController(config)#crypto ipsec transform-set Test1 esp-aes-192 esp-sha-hmac
RFController(config-crypto-ipsec)#exit
RFController(config)#crypto map TestMap-TechPub 10 ipsec-manual
RFController(config-crypto-map)#set peer 1.1.1.1
RFController(config-crypto-map)#match
RFController(config-crypto-map)#set transform-set tfset-manual
RFController(config-crypto-map)#set session-key inbound esp 257
cipher 12345678901234567890123456789012345678901234
authenticator 12345678901234567890123456789012345678901234
RFController(config-crypto-map)#set session-key outbound esp 258
cipher 12345678901234567890123456789012345678901234
authenticator 12345678901234567890123456789012345678901234
RFController(config-crypto-map)#exit
RFController(config)#interface vlan11
RFController(config-if)#crypto map manual
Global Configuration commands
instance.
(config)# crypt-map
address 101
5
(config)#
237