encryption

encryption {algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc); key (ascii-text key | hexadecimal key );}

[edit security ipsec vpn vpn-name manual]

Statement modified in Release 8.5 of Junos OS.

Configure an encryption algorithm and key for a manual Security Association (SA). (This statement is not supported on dynamic VPN implementations.)

algorithm—Type of encryption algorithm. It can be one of the following:

des-cbc—Has a block size of 8 bytes (64 bits); its key size is 48 bits long.
3des-cbc—Has block size of 8 bytes (64 bits); its key size is 192 bits long
Note: For 3des-cbc, we recommend that the first 8 bytes be different from the second 8 bytes, and the second 8 bytes be the same as the third 8 bytes.
aes-128-cbc—Advanced Encryption Standard (AES) 128-bit encryption algorithm.
aes-192-cbc—Advanced Encryption Standard (AES) 192-bit encryption algorithm.
aes-256-cbc—Advanced Encryption Standard (AES) 256-bit encryption algorithm.

key—Type of encryption key. It can be one of the following:

ascii-text key—ASCII text key. For the des-cbc option, the key contains 8 ASCII characters; for 3des-cbc, the key contains 24 ASCII characters.
hexadecimal key—Hexadecimal key. For the des-cbc option, the key contains 16 hexadecimal characters; for the 3des-cbc option, the key contains 48 hexadecimal characters.

For configuration instructions and examples, see the Junos OS Security Configuration Guide.

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.