session-key
Specify the session keys used in the crypto policy entry.
Syntax
session-key {
inbound
|
outbound
} {
ah
spi hex-key-string
|
esp
spi encrypt
hex-key-string
auth
hex-key-string
To delete the session key information from the crypto policy, use the
no
session-key {
inbound
|
outbound
} {
ah
|
esp
}
command.
Parameters
name
Enter the name of the host to delete. Enter * to delete all
host table entries.
inbound
Specify the inbound session key for IPSec.
outbound
Specify the outbound session key for IPSec.
ah
Use the AH protocol when you select the AH transform set in
the crypto policy.
esp
Use the ESP protocol when you select the ESP transform set
in the crypto policy.
spi
Enter the security parameter index number.
hex-key-string
Enter the session key in hex format (a string of 8, 16, or 20
bytes). For DES algorithms, specify at least 16 bytes per key.
For SHA algorithms, specify at least 20 bytes per key.
encrypt
Indicates the ESP encryption transform set key string.
auth
Indicates the ESP authentication transform set key string.
Defaults
none
Command
Modes
CONF-CRYPTO-POLICY
Command
History
Version 9.2(0.0)
Introduced on the MXL 10/40GbE Switch IO Module.
Usage
Information
• This command is only available in the ipsec-manual model.
• The key information entry is associated with the global method for enabling
clear text or encrypted display in the running config.
show crypto ipsec transform-set
Display the transform set configuration.
Syntax
show crypto ipsec transform-set
name
660
Internet Protocol Security (IPSec)