Command Reference Guide
18 ● ah authentication-algorithm 3Com Router 5000 Family and Router 6000 Family
Command Reference
ah authentication-algorithm
Purpose Use the ah authentication-algorithm command to set the authentication
algorithm adopted by Authentication Header protocol in IPSec proposal.
Use the
undo ah authentication-algorithm command to restore the default
setting.
Syntax ah authentication-algorithm { md5 | sha1 }
undo ah authentication-algorithm
Parameters md5
MD5 algorithm is adopted.
sha1
SHA1 algorithm is adopted.
Default By default, the md5 authentication algorithm is adopted by Authentication Header
protocol in IPSec proposal.
Example Set an IPSec proposal with AH adopting SHA1.
[3Com] ipsec proposal prop1
[3Com-ipsec-proposal-prop1] transform ah
[3Com-ipsec-proposal- prop1] ah authentication-algorithm sha1
View This command can be used in the following views:
■ IPSec Proposal view
Description AH protocol cannot be used to encrypt, but to authenticate.
MD5 algorithm uses the 128-bit message digest, and SHA1 uses the 160-bit message
digest. By comparison, MD5 is faster than SHA1, while SHA1 is securer than MD5.
The IPSec proposal adopted by the security policy at both ends of the security tunnel
must be set as using the same authentication algorithm.
Can the AH authentication algorithm be configured only if AH or AH-ESP security
protocol was selected by executing the
transform command.
Related Commands ■ ipsec proposal
■ proposal
■ sa spi
■ and transform