HP 8/20q HP StorageWorks 8/20q Fibre Channel Switch Command Line Interface Gui - Page 29

Modifying a user-defined policy To modify an existing user-defined policy, enter the ipsec policy edit command in an Admin session and an Ipsec Edit session, as shown in the following example. An asterisk (*) indicates a required entry. 8/20q FC Switch #> admin start 8/20q FC Switch (admin) #> ipsec edit 8/20q FC Switch (admin-ipsec) #> ipsec policy edit h2h-sh-sp A list of attributes with formatting and current values will follow. Enter a new value or simply press the ENTER key to accept the current value. To remove a value for an optional attribute, use 'n'. If you wish to terminate this process before reaching the end of the list press 'q' or 'Q' and the ENTER key to do so. Current Values: Description . . . espRuleLevel Host-to-host: switch->host require New Value (press ENTER to not specify value, 'q' to quit, 'n' for none): Description (string value, 0-127 bytes) : *SourceAddress (IPv4, IPv6 or hostname/[PrefixLength]) : SourcePort (decimal value, 1-65535) : *DestinationAddress (IPv4, IPv6 or hostname/[PrefixLength]) : DestinationPort (decimal value, 1-65535) : *Protocol (decimal value, or keyword) Allowed keywords icmp, icmp6, ip4, tcp, udp or any : tcp *Direction (1=in, 2=out) : Priority (value, -2147483647 to +2147483647) : *Action (1=discard, 2=none, 3=ipsec) : *ProtectionDesired (select one, transport-mode only) 1=ah Authentication Header 2=esp Encapsulating Security Payload 3=both : *ahRuleLevel (1=default, 2=use, 3=require) : *espRuleLevel (1=default, 2=use, 3=require) : The security policy has been edited. This configuration must be saved with the 'ipsec save' command before it can take effect, or to discard this configuration use the 'ipsec cancel' command. 8/20q FC Switch (admin-ipsec) #> ipsec save The IPsec configuration will be saved and activated. Please confirm (y/n): [n] y HP StorageWorks 8/20q Fibre Channel Switch Command Line Interface Guide 29