Method used to enable IPSec encryption algorithms approved by the State Password Administration Committee Office on the USG6000

Encryption algorithms approved by the State Password Administration Committee Office used by the USG6000
1. Definition of encryption algorithms (SM1 and SM4) approved by the State Password Administration Committee Office
The encryption algorithms approved by the State Password Administration Committee Office are symmetrical algorithms based on commercial cipher packet standards. Both packet length and key length of the encryption algorithms approved by the State Password Administration Committee Office are 128-bit.
When high security is required, the SM1 or SM4 encryption algorithms can fully satisfy the encryption requirements.
sm1 indicates that the SM1 encryption algorithm is adopted.
It indicates the SM1 encryption algorithm. This encryption algorithm has the following limitations:
Only the USG6510-SJJ supports this encryption algorithm.
This encryption algorithm can only be used for IKEv1 negotiation.
sm4 indicates the SM4 encryption algorithm. This encryption algorithm has the following limitations:
This encryption algorithm requires a license.
This encryption algorithm can only be used for IKEv1 negotiation.
1. Configure encryption algorithms approved by the State Password Administration Committee Office.

system-view
[sysname] ike proposal 10
[sysname-ike-proposal-10] encryption-algorithm SM1

system-view
[sysname] ipsec proposal newprop1
[sysname-ipsec-proposal-newprop1] transform esp
[sysname-ipsec-proposal-newprop1] esp authentication-algorithm sm3

Scroll to top