Appendix C Command Summary
Configuration Command Set
C-162
Cisco 11000 Series Secure Content Accelerator Configuration Guide
78-13124-06
1
ARC4 is compatible with RC4™ RSA Data Security.
2
ARC2 is compatible with RC2™ RSA Data Security.
Usage Guidelines
Availability: Serial, Telnet; FIPS Mode (serial only)
(This command must be entered on one line.) You can identify either individual
ciphers or use the fips, noexpor56, strong, weak, default, or all keywords to
specify cipher sets.
The no form of this command is used to remove a cipher or set of ciphers. You
must specify which algorithm(s) to remove following the no crypto command.
For example, using the commands crypto ARC4-MD5 and crypto ARC4-SHA
loads both schemes into the current user-defined security policy. Additionally, you
can alter the preset cryptography schemes specified for the current security policy.
If you enter crypto weak and no crypto NULL-MD5 commands, the
NULL-MD5 cryptography scheme is removed from the current security policy.
DES-CBC3-SHA
3DES (168)
SHA1
RSA (1024)
fips, strong, all
DES-CBC-MD5
DES (56)
MD5
RSA (1024)
strong, all
DES-CBC-SHA
DES (56)
SHA1
RSA (1024)
fips, strong, all
EXP-ARC2-MD5
ARC2
2
(40)
MD5
RSA (512)
weak, all
EXP-ARC4-MD5
ARC4
1
(40)
MD5
RSA (512)
weak, default, all
EXP-DES-CBC-SHA
DES (40)
SHA1
RSA (512)
weak, all
EXP1024-ARC2-CBC-MD5
ARC2
2
(40)
MD5
RSA (1024)
weak, default, all
EXP1024-ARC4-MD5
ARC4
1
(40)
MD5
RSA (1024)
weak, default, all
EXP1024-ARC4-SHA
ARC4
1
(40)
SHA1
RSA (1024)
weak, default, all
EXP1024-DES-CBC-SHA
DES (56)
SHA1
RSA (1024)
weak, all
NULL-MD5
None
MD5
None
weak, default, all
NULL-SHA
None
SHA1
None
weak, default, all
Cryptographic Scheme
Encryption
Message
Authentication
Key
Exchange
Security
Policy
Assignments