Skip to content
Skip to footer

Command Line Interface Reference, Commands C - D, StarOS Release 20

Book Contents

Find Matches in This Book

Available Languages

Download Options

Book Title

Command Line Interface Reference, Commands C - D, StarOS Release 20

Chapter Title

Crypto IPSec Transform Set Configuration Mode Commands

PDF - Complete Book (9.26 MB) PDF - This Chapter (1.2 MB)
View with Adobe Reader on a variety of devices

Results

Updated:: August 8, 2016

Chapter: Crypto IPSec Transform Set Configuration Mode Commands

end
exit
mode

Crypto IPSec Transform Set Configuration Mode Commands

The Crypto IPSec Transform Set Configuration Mode is used to configure properties for system transform sets.

Transform Sets are used to define IPSec security associations (SAs). IPSec SAs specify the IPSec protocols to use to protect packets.

Mode

Exec > Global Configuration > Context Configuration > Crypto IPSec Transform Set Configuration

configure > context context_name > crypto ipsec transform-set transform_set_name

Entering the above command sequence results in the following prompt:

[context_name]host_name(config-crypto-trans)#

Important:

The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).

end
exit
mode

end

Exits the current configuration mode and returns to the Exec mode.

Product

All

Privilege

Security Administrator, Administrator

Syntax

Syntax Description

end

Usage Guidelines

Use this command to return to the Exec mode.

exit

Exits the current mode and returns to the parent configuration mode.

Product

All

Privilege

Security Administrator, Administrator

Syntax

Syntax Description

exit

Usage Guidelines

Use this command to return to the parent configuration mode.

mode

Configures the IPSec encapsulation mode for an existing or new transform set. For a new transform set, you must specify transform set parameters as described for the crypto ipsec transform-set command in the Context Configuration Mode Commands chapter.

Product

PDSN

HA

GGSN

PDIF

Privilege

Security Administrator

Syntax

Syntax Description

mode { transport | tunnel }

transport

Specifies that the transform set only protects the upper layer protocol data portions of an IP datagram, leaving the IP header information unprotected. Default: Disabled

Important:

This mode should only be used if the communications end-point is also the cryptographic end-point.

tunnel

Specifies that the transform set protects the entire IP datagram.

This mode should be used if the communications end-point is different from the cryptographic end-point as in a VPN. Default: Enabled

Usage Guidelines

This command specifies the encapsulation mode for the transform set.

Examples

The following command configures the transforms set's encapsulation mode to transport:

mode transport

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)

Related Cisco Community Discussions

© 2019 Cisco and/or its affiliates. All rights reserved.