1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Software
  5. Router IOS XR
  6. Configuration manual

Cisco IOS XR Configuration Manual page 124

System security configuration guide
Hide thumbs Also See for IOS XR:
Table of Contents

Advertisement

How to Implement General IPSec Configurations for IPSec Networks
Command or Action
Step 11
set session-key inbound ah spi hex-key-data
Example:
RP/0/0/CPU0:router(config-new)# set session-key
inbound ah 300
1111111111111111111111111111111111111111
Step 12
set session-key inbound esp spi {cipher
hex-key-data authentication hex-key-data }
Example:
RP/0/0/CPU0:router(config-new)# set session-key
inbound esp 300 cipher 0123456789012345
authentication
0000111122223333444455556666777788889999
Step 13
set session-key outbound ah spi hex-key-data
Example:
RP/0/0/CPU0:router(config-new)# set session-key
outbound ah 300
fedcbafedcbafedcbafedcbafedcbafedcbafedc
Cisco IOS XR System Security Configuration Guide
SC-112
Implementing IPSec Network Security on Cisco IOS XR Software
Purpose
(Optional) Manually specifies the IP Security session keys
to set the inbound IPSec session key for the Authentication
Header (AH) protocol.
The length of the keys should match the encryption or
authentication method that is specified in the transform-set.
Use the spi argument to specify the security parameter
index (SPI), a number that uniquely identifies a
security association. The SPI is an arbitrary number
you assign in the range of 256 to 4,294,967,295 (FFFF
FFFF).
Use the hex-key-data argument to specify the session
key; enter in hexadecimal format. This is an arbitrary
hexadecimal string of 8, 16, or 20 bytes.
(Optional) Manually specifies the IP Security session key to
set the inbound IPSec session key for Encapsulation
Security Protocol (ESP).
The length of the keys should match the encryption or
authentication method that is specified in the transform-set.
Use the spi argument to specify the SPI, a number that
is used to uniquely identify a security association. The
SPI is an arbitrary number you assign in the range of
256 to 4,294,967,295 (FFFF FFFF).
Use the cipher keyword to specify the key string to be
used with the ESP encryption transform.
Use the hex-key-data argument to specify the session
key; enter in hexadecimal format. This is an arbitrary
hexadecimal string of 8, 16, or 20 bytes.
Use the authentication keyword to specify that the key
string is used with the ESP authentication transform.
The authentication keyword is required only when the
transform set includes an ESP authentication
transform.
(Optional) Manually specifies the IP Security session key to
set the outbound IPSec session key for the AH protocol.
The length of the keys should match the encryption or
authentication method that is specified in the transform-set.
Use the spi argument to specify the security parameter
index (SPI), a number that uniquely identifies a
security association. The SPI is an arbitrary number
you assign in the range of 256 to 4,294,967,295 (FFFF
FFFF).
Use the hex-key-data argument to specify the session
key; enter in hexadecimal format. This is an arbitrary
hexadecimal string of 8, 16, or 20 bytes.
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cisco IOS XR

Related Products for Cisco IOS XR

This manual is also suitable for:

Ios xr 3.5

Table of Contents