Manualshelf

Reference Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4820T
1001100210031004100510061007100810091010
For AES-CBC, only the AES-128 and AES-192 ciphers are supported.
key-encryption-
type
(OPTIONAL) Specifies if the key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in authentication.
The required lengths of a non-encrypted or encrypted key are:
3DES - 48 or 96 hex digits; DES - 16 or 32 hex digits; AES-CBC -32 or 64
hex digits for AES-128 and 48 or 96 hex digits for AES-192.
authentication-
algorithm
Specifies the authentication algorithm to use for encryption. Valid
values are MD5 or SHA1.
key-encryption-
type
(OPTIONAL) Specifies if the authentication key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in authentication.
For MD5 authentication, the key must be 32 hex digits (non-
encrypted) or 64 hex digits (encrypted).
For SHA-1 authentication, the key must be 40 hex digits (non-
encrypted) or 80 hex digits (encrypted).
Defaults Not configured.
Command Modes INTERFACE
Command History
This guide is platform-specific. For command information about other platforms, refer to the
relevant
FTOS Command Line Reference Guide
.
The following is a list of the FTOS version history for this command.
Version 9.1.(0.0) Introduced on the S4810 and Z9000.
Version 8.4.2.0 Introduced on the E-Series TeraScale.
Version 8.3.19.0 Introduced on the S4820T.
Usage
Information
Before you enable IPsec encryption on an OSPFv3 interface, first enable IPv6 unicast routing
globally, configure an IPv6 address and enable OSPFv3 on the interface, and assign the
interface to an area.
An SPI value must be unique to one IPsec security policy (authentication or encryption) on the
router. Configure the same encryption policy (same SPI and key) on each OSPFv3 interface in a
link.
To remove an IPsec encryption policy from an interface, enter the no ipv6 ospf
encryption spi number command. To remove null authentication on an interface to
allow the interface to inherit the authentication policy configured for the OSPFv3 area, enter
the
no ipv6 ospf no ipv6 ospf encryption null command.
Related
Commands
area encryption – configures an IPsec encryption policy for an OSPFv3 area.
show crypto ipsec policy – displays the configuration of IPsec encryption policies.
1009