Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Specifying IPsec Security Association Transforms

    You can specify the IPsec transforms that IPsec SA negotiations can use for this profile. The router accepts the first transform proposed by a client that matches one of the transforms specified by this command. During an IPsec SA exchange with a client, the router proposes all transforms specified by this command and one is accepted by the client.

    Note: You can specify up to six transform algorithms for this profile.

    To specify the eligible transforms for this profile for IPsec security association negotiations:

    • From IPsec Tunnel Profile Configuration mode, specify the eligible transforms.
      host1(config-ipsec-tunnel-profile)#transform ah-hmac-md5

      Use the no version to reset the transform to the default, esp-3des-sha1.

    Published: 2014-08-12