Defaults

Command Modes

Command History

Usage Information

Related Commands

For MD5 authentication, the key must be 32 hex digits (non- encrypted) or 64 hex digits (encrypted).

For SHA-1 authentication, the key must be 40 hex digits (non-encrypted) or 80 hex digits (encrypted).

Not configured.

INTERFACE

This guide is platform-specific. For command information about other platforms, refer to the relevant Dell Networking OS Command Line Reference Guide.

The following is a list of the Dell Networking OS version history for this command.

VersionDescription

9.1.(0.0)

Introduced on the S4810 and Z9000.

8.4.2.0Introduced on the E-Series TeraScale.

8.3.19.0Introduced on the S4820T.

Before you enable IPsec encryption on an OSPFv3 interface, first enable IPv6 unicast routing globally, configure an IPv6 address and enable OSPFv3 on the interface, and assign the interface to an area.

An SPI value must be unique to one IPsec security policy (authentication or encryption) on the router. Configure the same encryption policy (same SPI and key) on each OSPFv3 interface in a link.

To remove an IPsec encryption policy from an interface, enter the no ipv6 ospf encryption spi number command. To remove null authentication on an interface to allow the interface to inherit the authentication policy configured for the OSPFv3 area, enter the no ipv6 ospf no ipv6 ospf encryption null command.

area encryption – configures an IPsec encryption policy for an OSPFv3 area.

show crypto ipsec policy – displays the configuration of IPsec encryption policies.

show crypto ipsec sa ipv6 – displays the security associations set up for OSPFv3 interfaces in encryption policies.

Open Shortest Path First (OSPFv2 and OSPFv3)

1157

Page 1157
Image 1157
Dell 9.7(0.0) manual 1157