Navigation
Supported Platforms
Related Documentation
encryption-algorithm (Security IPsec)
Syntax
encryption-algorithm (3des-cbc | aes-128-cbc | aes-128-gcm | aes-192-cbc | aes-192-gcm | aes-256-cbc | aes-256-gcm | des-cbc);
Hierarchy Level
[edit security ipsec proposal proposal-name]
Release Information
Statement introduced in Junos OS Release 8.5. Support for aes-128-gcm, aes-192-gcm, and aes-256-gcm options added in Junos OS Release 12.1X45-D10.
Description
Configure an encryption algorithm.
 | Note: The device deletes existing IPsec SAs when you update the encryption-algorithm configuration in the IPsec proposal. |
Options
- 3des-cbc—Has a block size of 24 bytes; the key size is 192 bits long.
- aes-128-cbc—Advanced Encryption Standard (AES) 128-bit encryption algorithm.
- aes-128-gcm—AES Galois/Counter Mode (GCM) 128-bit encryption algorithm. This option is for IPsec proposals only. This option is not supported on group VPNs.
- aes-192-cbc—AES 192-bit encryption algorithm.
- aes-192-gcm—AES GCM 192-bit encryption algorithm. This option is for IPsec proposals only. This option is not supported on group VPNs.
- aes-256-cbc—AES 256-bit encryption algorithm.
- aes-256-gcm—AES GCM 256-bit encryption algorithm. This option is for IPsec proposals only. This option is not supported on group VPNs.
- des-cbc—Has a block size of 8 bytes; the key size is 48 bits long.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
