Specifications

Parameters
• crypto ipsec security-association lifetime [kilobytes <500-2147483646>|seconds <90-2147483646>]
• crypto ipsec transform-set <TRANSFORM-SET-TAG> [ah-md5-hmac|ah-sha-hmac|esp-md5-hmac|esp-sha-hmac]
• crypto ipsec transform-set <TRANSFORM-SET-TAG> [esp-3des|esp-aes|esp-aes-192|esp-aes-256|esp-des] {esp-md5-hmac|esp-sha-hmac}
ipsec – Configures Internet Protocol Security (IPSec) policy parameters.
security-association – Configures IPSec SA parameters.
lifetime [kilobytes|seconds] – Defines the IPSec SA lifetime (in kilobytes and/or seconds). Values can be entered in both kilobytes and seconds; whichever limit is reached first ends the SA. When the SA lifetime ends, the SA is renegotiated as a security measure.
• kilobytes – Specifies a volume-based key duration. The minimum is 500 KB and the maximum is 2147483646 KB.
  <500-2147483646> – Specify a value from 500 - 2147483646 KB.
• seconds – Specifies a time-based key duration. The minimum is 90 seconds and the maximum is 2147483646 seconds.
  <90-2147483646> – Specify a value from 90 - 2147483646 seconds.
ipsec – Configures IPSec policy parameters.
transform-set <TRANSFORM-SET-TAG> – Defines the transform configuration (authentication and encryption) for securing data.
• <TRANSFORM-SET-TAG> – Specify a name for the transform set.
Specify the transform set used by the IPSec transport connection to negotiate the transform algorithm.
ah-md5-hmac – Configures the AH-HMAC-MD5 transform. The transform set is assigned to a crypto map using the map’s set transform-set command.
ah-sha-hmac – Configures the AH-HMAC-SHA transform. The transform set is assigned to a crypto map using the map’s set transform-set command.
esp-md5-hmac – Configures the Encapsulating Security Payload (ESP) transform using HMAC-MD5 authentication. The transform set is assigned to a crypto map using the map’s set transform-set command.
esp-sha-hmac – Configures the ESP transform using HMAC-SHA authentication. The transform set is assigned to a crypto map using the map’s set transform-set command.
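
The following added example (not part of the original reference and not vendor code) audits configuration lines written in the syntax forms listed on this page, checking lifetime values against the documented ranges and transform sets against the documented keyword combinations. The weak-algorithm list is the auditor's own policy assumption, and the sample configuration is constructed.

```python
# Keywords and ranges come from this page; SAMPLE below is constructed.
ESP_AUTH = {"esp-md5-hmac", "esp-sha-hmac"}
AUTH = ESP_AUTH | {"ah-md5-hmac", "ah-sha-hmac"}
ENC = {"esp-3des", "esp-aes", "esp-aes-192", "esp-aes-256", "esp-des"}
LIFETIME = {"kilobytes": (500, 2147483646), "seconds": (90, 2147483646)}
# Assumption: this weak-algorithm list is the auditor's policy, not the page's.
WEAK = {"esp-des": "56-bit DES key", "esp-3des": "3DES is deprecated",
        "ah-md5-hmac": "MD5-based HMAC", "esp-md5-hmac": "MD5-based HMAC"}

def audit_lifetime(args):
    if len(args) != 2 or args[0] not in LIFETIME or not args[1].isdigit():
        return ["lifetime: expected 'kilobytes <n>' or 'seconds <n>'"]
    lo, hi = LIFETIME[args[0]]
    in_range = lo <= int(args[1]) <= hi
    return [] if in_range else [f"lifetime: {args[0]} {args[1]} is outside {lo}-{hi}"]

def audit_transforms(tag, t):
    """Valid shapes: one authentication transform, or encryption plus optional ESP HMAC."""
    auth_only = len(t) == 1 and t[0] in AUTH
    enc_form = len(t) in (1, 2) and t[0] in ENC and all(x in ESP_AUTH for x in t[1:])
    if not (auth_only or enc_form):
        return [f"{tag}: transforms do not match the documented syntax"]
    findings = [f"{tag}: {x} ({WEAK[x]})" for x in t if x in WEAK]
    if enc_form and len(t) == 1:
        findings.append(f"{tag}: encryption with no integrity transform")
    return findings

def audit_line(line):
    tok = line.split()
    if tok[:2] != ["crypto", "ipsec"]:
        return []  # not an IPSec policy line
    if tok[2:4] == ["security-association", "lifetime"]:
        return audit_lifetime(tok[4:])
    if len(tok) >= 5 and tok[2] == "transform-set":
        return audit_transforms(tok[3], tok[4:])
    return ["unrecognised or incomplete crypto ipsec command"]

def audit_config(text):
    return [(n, f) for n, ln in enumerate(text.splitlines(), 1) for f in audit_line(ln)]

SAMPLE = """\
crypto ipsec security-association lifetime seconds 60
crypto ipsec transform-set LEGACY esp-des esp-md5-hmac
crypto ipsec transform-set NOAUTH esp-aes-256
crypto ipsec transform-set OK esp-aes-256 esp-sha-hmac
"""

if __name__ == "__main__":
    for n, finding in audit_config(SAMPLE):
        print(f"line {n}: {finding}")
```
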
ipsec – Configures IPSec policy parameters.
transform-set <TRANSFORM-SET-TAG> – Defines the transform configuration (authentication and encryption) for securing data.
• <TRANSFORM-SET-TAG> – Specify the transform set name.
Specify the transform set used by the IPSec transport connection to negotiate the transform algorithm.
esp-3des – Configures the ESP transform using 3DES cipher (168 bits). The transform set is assigned to a crypto map using the map’s set transform-set command.