Versions Compared

Old Version 1

changes.mady.by.user Ribbon Communications

Saved on

compared with

New Version Current

changes.mady.by.user Ribbon Communications

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Add_workflow_for_techpubs
AUTH1UserResourceIdentifier{userKey=8a00a0c880e94aad0181077fa2530009, userName='null'}
JIRAIDAUTHSBX-128457
REV5UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cd5909df, userName='null'}
REV6UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cb8305e9, userName='null'}
REV3UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26c87c010e, userName='null'}
REV1UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cc650806, userName='null'}

...

This profile specify an encryption cipher, a maximum time period for maintaining a security association between these peers (the SA "lifetime"), and an anti-replay policy. The three profiles are prioritized from one to three for usage with the SPD entry.

Command Syntax

Code Block
languagenone
% set profiles security ipsecProtectionProfile <profile name> 
	espAlgorithms 
		encryption <_3DesCbc | aesCbc128 | null> 
		integrity <hmacMd5 | hmacSha1 |

...

 hmacSha256 | hmacSha384 | hmacSha512> 
	saLifetimeByte <10000-4294967295 (in bytes), or unlimited> 
	saLifetimeTime <1200-1000000 (in seconds)>   
% show profiles security ipsecProtectionProfile <profile name> 
	displaylevel <displaylevel> 
	espAlgorithms 
		encryption 
		integrity 
	saLifetimeByte 
	saLifetimeTime   
% delete profiles security ipsecProtectionProfile <profile name>

Command Parameters

The IPsec Protection Profile Parameters are as shown below:

Caption
0Table
1IPsec Protection Profile Parameters
3IPsec Protection Profile Parameters


Parameter

Length/Range

Description

ipsecProtectionProfile

1-23

The name of the IPsec Protection Profile. This profile establishes the encryption algorithm, the maximum SA lifetime, and the replay rules for an SPD entry. These properties are used by the SBC when it forms an IPsec Security Association with a peer.

espAlgorithms

N/A

The IPsec Protection Profile ESP protocol cipher configurations.

  • encryption – The IPsec Protection Profile Encryption Cipher.
    • _3DesCbc
    • aesCbc128 (default)
    • null
  • integrity – The IPsec Protection Profile Integrity Cipher.
    • hmacMd5
    • hmacSha1 (default)
    • hmacSha256
    • hmacSha384
    • hmacSha512

saLifetimeByte

10000-4294967295

IPsec Protection Profile SA Lifetime setting in number of bytes. (default = unlimited)

saLifetimeTime

1200-1000000

The SA Lifetime setting, in seconds. This is the maximum interval that any one Security Association will be maintained before possible re-keying. This parameter applies to the IKE SA when it appears in the IKE Protection Profile and to the IPsec SA when it appears in the IPsec Protection Profile. (default = 28800, which corresponds to 8 hours)

...

displaylevel

...

1-64

...


Command Example

Code Block
languagenone
% show profiles security ipsecProtectionProfile 
 AesSha1IpsecProfile 
	{ 
	saLifetimeTime 28800; 
	saLifetimeByte unlimited; 
	espAlgorithms 
	{ 
		encryption null,_3DesCbc,aesCbc128; 
		integrity hmacSha1; 
	} 
	}