encryption-algorithm
Syntax
encryption-algorithm algorithm;
Hierarchy Level
[edit services ipsec-vpn ike proposal proposal-name], [edit services ipsec-vpn ipsec proposal proposal-name]
Description
Configure an IKE or IPsec encryption algorithm.
Options
| 3des-cbc | Has a block size of 24 bytes; the key size is 192 bits long. |
| aes-128-cbc | Advanced Encryption Standard (AES) 128-bit encryption algorithm. |
| aes-192-cbc | AES 192-bit encryption algorithm. |
| aes-256-cbc | AES 256-bit encryption algorithm. |
In Junos FIPS mode, AES-GCM is not supported in Junos OS Release 17.3R1. Starting in Junos OS Release 17.4R1, AES-GCM is supported in Junos FIPS mode.
| aes-128-gcm | (IPsec only) Advanced Encryption Standard in Galois/Counter Mode (AES-GCM) 128-bit encryption algorithm with a 16 octet integrity check value (ICV). This can only be used on an MS-MPC or MS-MIC. |
| aes-192-gcm | (IPsec only) AES-GCM 192-bit encryption algorithm with a 16 octet ICV. This can only be used on an MS-MPC or MS-MIC. |
| aes-256-gcm | (IPsec only) AES-GCM 256-bit encryption algorithm with a 16 octet ICV. This can only be used on an MS-MPC or MS-MIC. |
| des-cbc | Has a block size of 8 bytes; the key size is 48 bits long. |
Required Privilege Level
admin—To view this statement in the configuration.
admin-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.
aes-128-cbc, aes-192-cbc, and aes-256-cbc options added in Junos OS Release 7.6.
aes-128-gcm, aes-192-gcm, and aes-256-gcm options added in Junos OS Release 17.3R1.