encryption-algorithm (Security)
Syntax
encryption-algorithm (3des-cbc | des-cbc | aes-128-cbc | aes-128-gcm | aes-192-cbc | aes-256-cbc | aes-256-gcm);
Hierarchy Level
[edit security ike proposal ike-proposal-name], [edit security ipsec proposal ipsec-proposal-name]
Description
Configure an IKE or IPsec encryption algorithm.
Options
-
3des-cbc
—Encryption algorithm with key size of 24 bytes; its key size is 192 bits long. -
des-cbc
—Encryption algorithm with key size of 8 bytes; its key size is 48 bits long. -
aes-128-cbc
—Advanced encryption algorithm that has a key size of 16 bytes; its key size is 128 bits long. -
aes-128-gcm
—AES GCM 128-bit encryption algorithm. -
aes-192-cbc
—Advanced encryption algorithm that has a key size of 24 bytes; its key size is 192 bits long. -
aes-256-cbc
—Advanced encryption algorithm that has a key size of 32 bytes; its key size is 256 bits long. -
aes-256-gcm
—AES GCM 256-bit encryption algorithm. For an IKE proposal, AES 256-bit authenticated encryption algorithm is supported with IKEv2 only. When this option is used, aes-256-gcm should be configured at the [edit security ipsec proposal proposal-name] hierarchy level, and the authentication-algorithm option should not be configured at the [edit security ike proposal proposal-name] hierarchy level.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.