No transform-set – Carrier Access Adit 3000 Series and Multi-Service Router (MSR) Card none User Manual

14-16

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI

Configuration - IPSec Mode

no transform-set

Use the IPSec no transform-set command to disable Perfect Forward Secrecy. To enable PFS, see
transform-set command on page 14-20.

Syntax:

(config-ipsec-{

n})# no transform-set {ah-md5|ah-sha|esp-3des|

esp-aes|esp-aes192|esp-aes256|esp-des|esp-md5|esp-null|esp-sha

|ipcomp}

Example:

(config-ipsec-1)# no transform-set esp-md5

Supported Platforms:

Adit 3104, Adit 3200, Adit 3500, MSR

Field

Definition

ah-md5

Authentication Header transform using MD5 authentication. Default.

ah-sha

Authentication Header transform using Secure Hash Algorithm
(SHA1) authentication. Default.

esp-aes

Encapsulating Security Payload (ESP) encryption transform using
Advanced Encryption Standard (AES) 128-bit encryption.

esp-aes192

Encapsulating Security Payload (ESP) encryption transform using
Advanced Encryption Standard (AES) 128-bit encryption.

esp-aes256

Encapsulating Security Payload (ESP) encryption transform using
Advanced Encryption Standard (AES) 256-bit encryption.

esp-des

Encapsulating Security Payload (ESP) encryption transform using
Data Encryption Standard (DES) 56-bit encryption.

esp-3des

Encapsulating Security Payload (ESP) encryption transform using
Data Encryption Standard (DES) 168-bit encryption.

esp-null

Encapsulating Security Payload (ESP) encryption transform using no
encryption.

esp-md5

Encapsulating Security Payload (ESP) encryption transform using
Message-Digest Algorithm 5 (MD5) authentication. Default.

esp-sha

Encapsulating Security Payload (ESP) encryption transform using
Secure Hash Algorithm (SHA1) authentication. Default.

ipcomp

IP Payload Compression Protocol (IPComp) compression.