![background image](http://html.mh-extra.com/html/cisco/mds-9000-series/mds-9000-series_command-reference-manual_21253289.webp)
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
4-149
Cisco MDS 9000 Family Command Reference
OL-18089-01, Cisco MDS NX-OS Release 4.x
Chapter 4 C Commands
crypto transform-set domain ipsec
crypto transform-set domain ipsec
To create and configure IPsec transform sets, use the
crypto transform-set domain ipsec
command. To
delete an IPsec transform set, use the
no
form of the command.
crypto transform-set domain ipsec
set-name
{
esp-3des
|
esp-des
} [
esp-aes-xcbc-mac
|
esp-md5-hmac
|
esp-sha1-hmac
]
crypto transform-set domain ipsec
set-name
esp-aes
{
128
|
256
} [
ctr
{
esp-aes-xcbc-mac
|
esp-md5-hmac
|
esp-sha1-hmac
} |
esp-aes-xcbc-mac
|
esp-md5-hmac
|
esp-sha1-hmac
]
crypto transform-set domain ipsec
set-name
{
esp-3des
|
esp-des
} [
esp-aes-xcbc-mac
|
esp-md5-hmac
|
esp-sha1-hmac
]
crypto transform-set domain ipsec
set-name
esp-aes
{
128
|
256
} [
ctr
{
esp-aes-xcbc-mac
|
esp-md5-hmac
|
esp-sha1-hmac
} |
esp-aes-xcbc-mac
|
esp-md5-hmac
|
esp-sha1-hmac
]
Syntax Description
Defaults
None.
The default mode of AES is CBC (Cyber Block Chaining).
Command Modes
Configuration mode.
Command History
Usage Guidelines
To use this command, IPsec must be enabled using the
crypto ipsec enable
command.
set-name
Specifies the transform set name. Maximum length is 63 characters.
esp-3des
Specifies ESP transform using the 3DES cipher (128 bits).
esp-des
Specifies ESP transform using the DES cipher (56 bits).
esp-aes-xcbc-mac
Specifies ESP transform using AES-XCBC-MAC authentication.
esp-md5-hmac
Specifies ESP transform using MD5-HMAC authentication.
esp-sha1-hmac
Specifies ESP transform using SHA1-HMAC authentication
esp-aes
Specifies ESP transform using the AES cipher (128 or 256 bits).
128
Specifies ESP transform using AES 128-bit cipher.
256
Specifies ESP transform using AES 256-bit cipher.
ctr
Specifies AES in counter mode.
Release
Modification
2.0(x)
This command was introduced.