transform

Function

The transform command configures the security protocol in a security proposal.

The undo transform command restores the default security protocol.

By default, the Encapsulating Security Payload (ESP) protocol is used.

Format

transform { ah | esp | ah-esp }

undo transform

Parameters

Parameter Description Value
ah

Configures Authentication Header (AH) as the security protocol.

-
esp

Configures ESP as the security protocol.

-
ah-esp

Uses the ESP protocol to protect the packets and then use the AH protocol to authenticate packets.

-

Views

IPsec proposal view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
ipsec write

Usage Guidelines

Usage Scenario

Based on protocol packet encryption and authentication at the IP layer, IPsec ensures the integrity, authenticity, and confidentiality of protocol packets transmitted on networks. IPsec uses two protocols, AH and ESP, for protocol packet authentication and encryption.

Follow-up Procedure

Configure the authentication algorithm for AH when AH is used.

Configure the authentication and encryption algorithms for ESP when ESP is used.

Precautions

The security protocols on both IPsec peers must be identical.

Example

# Configure AH for the security proposal named prop.
<HUAWEI> system-view
[~HUAWEI] ipsec proposal prop1
[*HUAWEI-ipsec-proposal-prop1] transform ah
Parent Topic: IPSec Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic