show crypto ipsec policy – displays the configuration of IPsec authentication
policies.
area encryption
Configure an IPsec encryption policy for OSPFv3 packets in an OSPFv3 area.
S4820T
Syntax
area area-id encryption ipsec spi number esp encryption-
algorithm [key-encryption-type] key authentication-algorithm
[key-encryption-type] key
Parameters
area area-id
Area for which OSPFv3 traffic is to be encrypted. For area-id,
enter a number.
The range is from 0 to 4294967295.
ipsec spi
number
Security Policy index (SPI) value that identifies an IPsec
security policy.
The range is from 256 to 4294967295.
esp
encryption-
algorithm
Encryption algorithm used with ESP.
Valid values are: 3DES, DES, AES-CBC, and NULL.
For AES-CBC, only the AES-128 and AES-192 ciphers are
supported.
key-
encryption-
algorithm
(OPTIONAL) Specifies if the key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in encryption.
The required lengths of a non-encrypted or encrypted key
are:
3DES - 48 or 96 hex digits; DES - 16 or 32 hex digits; AES-
CBC -32 or 64 hex digits for AES-128 and 48 or 96 hex digits
for AES-192.
authentication-
algorithm
Specifies the authentication algorithm to use for encryption.
Valid values are MD5 or SHA1.
1346
Open Shortest Path First (OSPFv2 and OSPFv3)