Command:

crypto ipsec transform-set

Mode:

Router(config)#


Syntax:

crypto ipsec transform-set transform-set-name transform1 [transform2 [transform3]]

no crypto ipsec transform-set transform-set-name


Syntax Description:

transform-set-name Specifies the name of the transform set to create (or modify).
transform1
transform2
transform3
Specifies up to three "transforms." These transforms define the IPSec security protocols and algorithms. The parser will prevent you from entering invalid combinations.

Command Description:

To define a transform set--an acceptable combination of security protocols and algorithms--use the crypto ipsec transform-set global configuration command. To delete a transform set, use the no form of the command.


Example:

The following example defines two transform sets. The first transform set will be used with an IPSec peer that supports the newer ESP and AH protocols. The second transform set will be used with an IPSec peer that only supports the older transforms:

Router(config)#crypto ipsec transform-set newer esp-3des esp-sha-hmac
Router(config)#crypto ipsec transform-set older ah-rfc-1828 esp-rfc1829


Misconceptions:

None.


Related commands:

None.

� Cisco Systems, Inc. 2001, 2002, 2003
World Wide Education

Converted from CHM to HTML with chm2web Pro 2.85 (unicode)