encryption
Syntax
encryption {
algorithm algorithm;
key (ascii-text key | hexadecimal key);
}
Hierarchy Level
[edit services ipsec-vpn rule rule-name term term-name then manual direction direction]
Description
Configure an encryption algorithm and key for manual SA.
Options
algorithm—Type of encryption
algorithm. The algorithm can be one of the following:
des-cbc—Has a block size of 8 bytes (64 bits); the key size is 48 bits long.3des-cbc—Has a block size of 8 bytes (64 bits); the key size is 192 bits long.aes-128-cbc—Advanced Encryption Standard (AES) 128-bit encryption algorithm.aes-192-cbc—Advanced Encryption Standard (AES) 192-bit encryption algorithm.aes-256-cbc—Advanced Encryption Standard (AES) 256-bit encryption algorithm.Note:For
3des-cbc, the first 8 bytes should differ from the second 8 bytes, and the second 8 bytes should be the same as the third 8 bytes.
key—Type of encryption key. The key can be
one of the following:
ascii-text—ASCII text key. Following are the key lengths, in ASCII characters, for the different encryption options:des-cbcoption, 8 ASCII characters3des-cbcoption, 24 ASCII charactersaes-128-cbcoption, 16 ASCII charactersaes-192-cbcoption, 24 ASCII charactersaes-256-cbcoption, 32 ASCII characters
hexadecimal—Hexadecimal key. Following are the key lengths, in hexadecimal characters, for the different encryption options:des-cbcoption, 16 hexadecimal characters3des-cbcoption, 48 hexadecimal charactersaes-128-cbcoption, 32 hexadecimal charactersaes-192-cbcoption, 48 hexadecimal charactersaes-256-cbcoption, 64 hexadecimal characters
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.
aes-128-cbc, aes-192-cbc, and aes-256-cbc options added in Junos OS Release 7.6.