Command Reference Guide
3Com Router 5000 Family and Router 6000 Family esp encryption-algorithm ● 133
Command Reference
esp encryption-algorithm
Purpose Use the esp encryption-algorithm command to set the encryption algorithm
adopted by ESP.
Use the undo esp encryption-algorithm command to set the ESP not to
encrypt packets.
Syntax esp encryption-algorithm { 3des | des | aes [ 128 | 192 | 256 ] }
undo esp encryption-algorithm
Parameters des
Data Encryption Standard (DES), a universal encryption
algorithm with the length of the key being 56 bits.
3des
3DES (Triple DES), another universal encryption
algorithm with the length of the key being 168 bits.
aes [ 128 | 192 | 256 ]
Advanced encryption standard (AES), an encryption
algorithm conforming to IETF standards. 128, 192, and
256 are available key lengths. The default is 128 bits.
Default By default, DES algorithm is used.
Example Configure ESP with the 3DES encryption algorithm in the proposal named prop1.
[3Com] ipsec proposal prop1
[3Com-ipsec-proposal-prop1] transform esp
[3Com-ipsec-proposal-prop1] esp encryption-algorithm 3des
View This command can be used in the following views:
■ IPSec Proposal view
Description 3DES can meet the requirement of high confidentiality and security, but it is
comparatively slow. And DES can satisfy the normal security requirements.
ESP permits a packet to be encrypted or authenticated or both.
The encryption and authentication methods used by ESP cannot be set to a vacant
value at the same time. The
undo esp encryption-algorithm command can
take effect only if the authentication algorithm is not null.
Related Commands ■ ipsec proposal
■ esp authentication-algorithm
■ proposal