Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IPSEC manual

Hi,

I am configuring IPSEC for the first time. I am using the following commands to configure IPSEC

"crypto ipsec transform-set pulse_ipsec esp-3des" and

"crypto map test_ipsec 1 ipsec-manual"

"set peer 10.1.1.1"

"set session-key inbound esp 256 cipher <xxxxxxxxxxxxxx> authenticator <xxxxxxxxxxxxx>"

"set session-key outbound esp 257 cipher <xxxxxxxxxxx> authenticator <xxxxxxxxxxxxx>"

"set transform-set pulse_ipsec"

Can someone please tell me where I have put <xxxx> I have to insert the keys. How should I generate those keys.Is there anyway both peer routers can generate the keys or what should I enter is cipher and authenticator field.

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: IPSEC manual

Hi,

Enter them manually in hexadecimal format.

This is an arbitrary hexadecimal string of 8, 16, or 20 bytes.

If the crypto map's transform set includes a DES algorithm, specify at least 8 bytes per key.

If the crypto map's transform set includes an MD5 algorithm, specify at least 16 bytes per key.

If the crypto map's transform set includes an SHA algorithm, specify 20 bytes per key.

Keys longer than the above sizes are simply truncated.

Thanks

Atul.

1 REPLY
New Member

Re: IPSEC manual

Hi,

Enter them manually in hexadecimal format.

This is an arbitrary hexadecimal string of 8, 16, or 20 bytes.

If the crypto map's transform set includes a DES algorithm, specify at least 8 bytes per key.

If the crypto map's transform set includes an MD5 algorithm, specify at least 16 bytes per key.

If the crypto map's transform set includes an SHA algorithm, specify 20 bytes per key.

Keys longer than the above sizes are simply truncated.

Thanks

Atul.

139
Views
0
Helpful
1
Replies