125
encapsulated by ESP in transport mode and on original IP packets encapsulated by ESP in tunnel
mode.
Examples
# Enable TFC padding for the IPsec policy policy1.
<Sysname> system-view
[Sysname] ipsec policy policy1 10 isakmp
[Sysname-ipsec-policy-isakmp-policy1-10] tfc enable
Related commands
display ipsec ipv6-policy
display ipsec policy
Modified command: ah authentication-algorithm
Old syntax
In non-FIPS mode:
ah authentication-algorithm { md5 | sha1 | sm3 } *
undo ah authentication-algorithm
In FIPS mode:
ah authentication-algorithm sha1
undo ah authentication-algorithm
New syntax
In non-FIPS mode:
ah authentication-algorithm { aes-xcbc-mac | md5 | sha1 | sha256 | sha384 | sha512 | sm3 } *
undo ah authentication-algorithm
In FIPS mode:
ah authentication-algorithm { sha1 | sha256 | sha384 | sha512 } *
undo ah authentication-algorithm
Views
IPsec transform set view
Change description
The following keywords were added:
aes-xcbc-mac: Specifies the HMAC-AES-XCBC-MAC algorithm.
sha256: Specifies the HMAC-SHA256 algorithm.
sha384: Specifies the HMAC-SHA384 algorithm.
sha512: Specifies the HMAC-SHA512 algorithm.
To Next Page
Loading...
Need help?
General
