authentication (Security IPsec)
Syntax
authentication {
algorithm (hmac-sha1-96 | hmac-sha2-256);
key (ascii-text key | hexadecimal key);
}
Hierarchy Level
[edit security ipsec security-association sa-name manual direction (inbound | outbound | bi-directional)]
Description
Configure IP Security (IPsec) authentication parameters for manual security association (SA).
The hexadecimal format must be used for the encryption key to be FIPS compliant. The hexadecimal keys provide maximum key strength.
Options
algorithm—Hash algorithm that authenticates
packet data. It can be one of the following:
hmac-md5-96—Produces a 128-bit digest.
hmac-sha1-96—Produces a 160-bit digest.
key—Type of authentication key. It can be one of
the following:
ascii-text key—ASCII text key. Forhmac-md5-96, the key is 16 ASCII characters; forhmac-sha1-96, the key is 20 ASCII characters.
hexadecimal key—Hexadecimal key. Forhmac-md5-96, the key is 32 hexadecimal characters; forhmac-sha1-96, the key is 40 hexadecimal characters.
Required Privilege Level
admin—To view this statement in the configuration.
admin-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.