Service Manual
To remove an IPsec authentication policy from an OSPFv3 area, enter the no area area-id
authentication spi number command.
Related Commands
ipv6 ospf authentication – congures an IPsec authentication policy on an OSPFv3 interface.
show crypto ipsec policy – displays the conguration of IPsec authentication policies.
area encryption
Congure an IPsec encryption policy for OSPFv3 packets in an OSPFv3 area.
Syntax
area area-id encryption ipsec spi number esp encryption-algorithm [key-
encryption-type] key authentication-algorithm [key-encryption-type] key
Parameters
area area-id
Area for which OSPFv3 trac is to be encrypted. For area-id, enter a number.
The range is from 0 to 4294967295.
ipsec spi number
Security Policy index (SPI) value that identies an IPsec security policy.
The range is from 256 to 4294967295.
esp encryption-
algorithm
Encryption algorithm used with ESP.
Valid values are: 3DES, DES, AES-CBC, and NULL.
For AES-CBC, only the AES-128 and AES-192 ciphers are supported.
key-encryption-
algorithm
(OPTIONAL) Species if the key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in encryption.
The required lengths of a non-encrypted or encrypted key are:
3DES - 48 or 96 hex digits; DES - 16 or 32 hex digits; AES-CBC -32 or 64 hex
digits for AES-128 and 48 or 96 hex digits for AES-192.
authentication-
algorithm
Species the authentication algorithm to use for encryption.
Valid values are MD5 or SHA1.
key-encryption-
type
(OPTIONAL) Species if the authentication key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in authentication.
1056
Open Shortest Path First (OSPFv2 and OSPFv3)