HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 264
Establishes IPsec SAs through IKE negotiation., Specifies an IPv6 IPsec policy.
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 264 highlights
Syntax ipsec { ipv6-policy | policy } policy-name seq-number [ isakmp | manual ] undo ipsec { ipv6-policy | policy } policy-name [ seq-number ] Default No IPsec policy is created. Views System view Predefined user roles network-admin Parameters ipv6-policy: Specifies an IPv6 IPsec policy. policy: Specifies an IPv4 IPsec policy. policy-name: Specifies a name for the IPsec policy, a case-sensitive string of 1 to 63 characters. seq-number: Specifies a sequence number for the IPsec policy, in the range of 1 to 65535. isakmp: Establishes IPsec SAs through IKE negotiation. manual: Establishes IPsec SAs manually. Usage guidelines • When you create an IPsec policy, you must specify the SA setup mode (isakmp or manual). When you enter the view of an existing IPsec policy, you do not need to specify the SA setup mode. • You cannot change the SA setup mode of an existing IPsec policy. • An IPsec policy is a set of IPsec policy entries that have the same name but different sequence numbers. In the same IPsec policy, an IPsec policy entry with a smaller sequence number has a higher priority. • With the seq-number argument specified, the undo command deletes the specified IPsec policy entry. Without this argument, the undo command deletes all entries of the specified IPsec policy. • An IPv4 IPsec policy and IPv6 IPsec policy can have the same name. Examples # Create an IPsec policy entry, and specify the IPsec policy name as policy1, the sequence number as 100, and the IPsec SA setup mode as IKE, and enter the IPsec policy view. system-view [Sysname] ipsec policy policy1 100 isakmp [Sysname-ipsec-policy-isakmp-policy1-100] # Create an IPsec policy entry, and specify the IPsec policy name as policy1, the sequence number as 101, and the IPsec SA setup mode as manual, and enter the IPsec policy view. system-view [Sysname] ipsec policy policy1 101 manual [Sysname-ipsec-policy-manual-policy1-101] Related commands • display ipsec { ipv6-policy | policy } • ipsec { ipv6-policy | policy } (interface view) 255