Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
361362363364365366367368369370
22
IPSEC CONFIGURATION COMMANDS
IPsec Configuration
Commands
ah authentication-
algorithm
Syntax
ah authentication-algorithm { md5 | sha1 }
undo ah authentication-algorithm
View
IPsec proposal view
Parameter
md5: MD5 algorithm is adopted.
sha1: SHA1 algorithm is adopted.
Description
Use the ah authentication-algorithm command to set the authentication
algorithm adopted by Authentication Header protocol in IPsec proposal.
Use the undo ah authentication-algorithm command to restore the default
setting.
By default, the md5 authentication algorithm is adopted by Authentication
Header protocol in IPsec proposal.
AH proposal cannot be used to encrypt, but to authenticate.
MD5 algorithm uses the 128-bit key, and SHA1 uses the 160-bit key. By
comparison, MD5 is faster than SHA1, while SHA1 is securer than MD5.
The IPsec proposal adopted by the IPsec policy at both ends of the security tunnel
must be set as using the same authentication algorithm.
Can the AH authentication algorithm be configured only if AH or AH-ESP security
protocol was selected by executing the transform command.
Related command: ipsec proposal, proposal, sa sip and transform.
Example
# Set IPsec proposal using AH and SHA1.