No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
WLAN AC V200R010C00 Command Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
transform

transform

Function

The transform command specifies a security protocol used in an IPSec proposal.

The undo transform command restores the default configuration.

By default, an IPSec proposal uses the ESP protocol.

Format

transform { ah | ah-esp | esp }

undo transform

Parameters

Parameter Description Value
ah

Indicates that the IPSec proposal uses the Authentication Header (AH) protocol.

 -
ah-esp

Indicates that the IPSec proposal encapsulates packets through ESP, then through AH.

 -
esp

Indicates that the IPSec proposal uses the ESP protocol.

 -

Views

IPSec proposal view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Three security modes are available and their differences are as follows:
  • In the AH mode, devices only authenticate packets.
  • In the ESP mode, devices provide packet authentication, encryption, or both functions.
  • In the AH-ESP mode, devices use the AH protocol to authenticate packets and the ESP protocol to encrypt packets. During IPSec encapsulation, devices encapsulate packets using ESP and then AH. During IPSec decapsulation, devices decapsulate packets using AH and then ESP.

AH prevents data tampering but cannot prevent data from being listened to, so it applies only to the transmission of non-confidential data. ESP provides authentication service inferior to that of AH, but it can encrypt packet payloads.

Precautions

The IPSec proposals configured on both ends of an IPSec tunnel must use the same security protocol.

Example

# Set the security protocol used in IPSec proposal newprop1 to AH.

<AC6605> system-view
[AC6605] ipsec proposal newprop1
[AC6605-ipsec-proposal-newprop1] transform ah
Translation
简体中文
Download
Updated: 2021-02-27

Document ID: EDOC1100064351

Views: 3204312

Downloads: 595

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :