Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
Specifying IPsec Security Association Transforms
You can specify the IPsec transforms that IPsec SA negotiations can use for this profile. The router accepts the first transform proposed by a client that matches one of the transforms specified by this command. During an IPsec SA exchange with a client, the router proposes all transforms specified by this command and one is accepted by the client.
 | Note: You can specify up to six transform algorithms for this profile. |
To specify the eligible transforms for this profile for IPsec security association negotiations:
- From IPsec Tunnel Profile Configuration mode, specify
the eligible transforms.host1(config-ipsec-tunnel-profile)#transform ah-hmac-md5
Use the no version to reset the transform to the default, esp-3des-sha1.
