Crypto
Diagram
Classes
configuration (iosxe.devices)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| crypto | Class | [crypto] | No |
crypto (iosxe.devices.configuration)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ipsec_profiles | List | [ipsec_profiles] | No | |
| ikev2_profiles | List | [ikev2_profiles] | No | |
| ikev2_keyrings | List | [ikev2_keyrings] | No | |
| ikev2_policies | List | [ikev2_policies] | No | |
| ikev2_proposals | List | [ikev2_proposals] | No |
ipsec_profiles (iosxe.devices.configuration.crypto)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| set_transform_set | List | String | No | |
| set_isakmp_profile_ikev2_profile_ikev2_profile_case_ikev2_profile | String | No |
ikev2_profiles (iosxe.devices.configuration.crypto)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| authentication_local_pre_share | Boolean | true, false | No | |
| authentication_remote_pre_share | Boolean | true, false | No | |
| config_exchange_request | Boolean | true, false | No | |
| delete_mode | Choice | all, attributes | No | |
| description | String | No | ||
| dpd_interval | Integer | min: 10, max: 3600 | No | |
| dpd_query | Choice | on-demand, periodic | No | |
| dpd_retry | Integer | min: 2, max: 60 | No | |
| identity_local_address | String | No | ||
| identity_local_key_id | String | No | ||
| ivrf | String | No | ||
| keyring_local | String | No | ||
| match_address_local_ip | String | No | ||
| match_fvrf | String | No | ||
| match_fvrf_any | Boolean | true, false | No | |
| match_identity_remote_ipv4_addresses | List | [match_identity_remote_ipv4_addresses] | No | |
| match_identity_remote_ipv6_prefixes | List | String | No | |
| match_identity_remote_keys | List | String | No | |
| match_inbound_only | Boolean | true, false | No |
ikev2_keyrings (iosxe.devices.configuration.crypto)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| peers | List | [peers] | No |
ikev2_policies (iosxe.devices.configuration.crypto)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| proposals | List | [proposals] | Yes | |
| device | String | No | ||
| match_address_local_ip | List | String | No | |
| match_fvrf | String | No | ||
| match_fvrf_any | Boolean | true, false | No | |
| match_inbound_only | Boolean | true, false | No |
ikev2_proposals (iosxe.devices.configuration.crypto)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| encryption_aes_cbc_128 | Boolean | true, false | No | |
| encryption_aes_cbc_192 | Boolean | true, false | No | |
| encryption_aes_cbc_256 | Boolean | true, false | No | |
| encryption_aes_gcm_128 | Boolean | true, false | No | |
| encryption_aes_gcm_256 | Boolean | true, false | No | |
| encryption_en_3des | Boolean | true, false | No | |
| group_fifteen | Boolean | true, false | No | |
| group_fourteen | Boolean | true, false | No | |
| group_nineteen | Boolean | true, false | No | |
| group_one | Boolean | true, false | No | |
| group_sixteen | Boolean | true, false | No | |
| group_twenty | Boolean | true, false | No | |
| group_twenty_four | Boolean | true, false | No | |
| group_twenty_one | Boolean | true, false | No | |
| group_two | Boolean | true, false | No | |
| integrity_md5 | Boolean | true, false | No | |
| integrity_sha1 | Boolean | true, false | No | |
| integrity_sha256 | Boolean | true, false | No | |
| integrity_sha384 | Boolean | true, false | No | |
| integrity_sha512 | Boolean | true, false | No | |
| prf_md5 | Boolean | true, false | No | |
| prf_sha1 | Boolean | true, false | No | |
| prf_sha256 | Boolean | true, false | No | |
| prf_sha384 | Boolean | true, false | No | |
| prf_sha512 | Boolean | true, false | No |
match_identity_remote_ipv4_addresses (iosxe.devices.configuration.crypto.ikev2_profiles)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | String | Yes | ||
| mask | String | No |
peers (iosxe.devices.configuration.crypto.ikev2_keyrings)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| description | String | No | ||
| hostname | String | No | ||
| identity_address | String | No | ||
| identity_email_domain | String | No | ||
| identity_email_name | String | No | ||
| identity_fqdn_domain | String | No | ||
| identity_fqdn_name | String | No | ||
| identity_key_id | String | No | ||
| ipv4_address | String | No | ||
| ipv4_mask | String | No | ||
| ipv6_prefix | String | No | ||
| pre_shared_key | String | No | ||
| pre_shared_key_encryption | Choice | 0, 6 | No | |
| pre_shared_key_local | String | No | ||
| pre_shared_key_local_encryption | Choice | 0, 6 | No | |
| pre_shared_key_remote | String | No | ||
| pre_shared_key_remote_encryption | Choice | 0, 6 | No |
proposals (iosxe.devices.configuration.crypto.ikev2_policies)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| proposals | String | Yes |
Examples
iosxe: devices: - name: Device1 configuration: crypto: