sa authentication-hex (upgrade-compatible command)

Function

The sa authentication-hex command sets an authentication in hexadecimal format or cipher text for Security Associations (SAs).

sa authentication-hex { inbound | outbound } { ah | esp } plain hex-plain-key

Parameter	Description	Value
inbound	Specifies SA parameters for incoming packets.	-
outbound	Specifies SA parameters for outgoing packets.	-
ah	Specifies SA parameters for Authentication Header (AH). If the security proposal applied to an SA uses AH, ah must be configured in the sa authentication-hex command.	-
esp	Specifies SA parameters for Encapsulating Security Payload (ESP). If the security proposal applied to an SA uses ESP, esp must be configured in the sa authentication-hex command.	-
plain	Indicates the plain text used for authentication.	-
hex-plain-key	Specifies the plain text key.	The value is in hexadecimal notation. If authentication algorithm Message Digest 5 (MD5) is used, the length of the key is 16 bytes. If authentication algorithm Secure Hash Algorithm-1 (SHA-1) is used, the length of the key is 20 bytes. If authentication algorithm SHA2-256 is used, the length of the key is 32 bytes. NOTE: The MD5 and SHA-1 authentication algorithms have security risks; therefore, you are advised to use SHA-256 preferentially.

SA view

3: Management level

This command is upgrade compatible and can be executed during configuration recovery. Users cannot manually configure this command.

After the upgrade, this command is no longer supported, and it is replaced by the sa authentication-hex command.