04-04-2004 06:07 PM - edited 02-21-2020 01:06 PM
Hi,
I am configuring IPSEC for the first time. I am using the following commands to configure IPSEC
"crypto ipsec transform-set pulse_ipsec esp-3des" and
"crypto map test_ipsec 1 ipsec-manual"
"set peer 10.1.1.1"
"set session-key inbound esp 256 cipher <xxxxxxxxxxxxxx> authenticator <xxxxxxxxxxxxx>"
"set session-key outbound esp 257 cipher <xxxxxxxxxxx> authenticator <xxxxxxxxxxxxx>"
"set transform-set pulse_ipsec"
Can someone please tell me where I have put <xxxx> I have to insert the keys. How should I generate those keys.Is there anyway both peer routers can generate the keys or what should I enter is cipher and authenticator field.
Thanks
Solved! Go to Solution.
04-08-2004 11:00 AM
Hi,
Enter them manually in hexadecimal format.
This is an arbitrary hexadecimal string of 8, 16, or 20 bytes.
If the crypto map's transform set includes a DES algorithm, specify at least 8 bytes per key.
If the crypto map's transform set includes an MD5 algorithm, specify at least 16 bytes per key.
If the crypto map's transform set includes an SHA algorithm, specify 20 bytes per key.
Keys longer than the above sizes are simply truncated.
Thanks
Atul.
04-08-2004 11:00 AM
Hi,
Enter them manually in hexadecimal format.
This is an arbitrary hexadecimal string of 8, 16, or 20 bytes.
If the crypto map's transform set includes a DES algorithm, specify at least 8 bytes per key.
If the crypto map's transform set includes an MD5 algorithm, specify at least 16 bytes per key.
If the crypto map's transform set includes an SHA algorithm, specify 20 bytes per key.
Keys longer than the above sizes are simply truncated.
Thanks
Atul.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide