Transform-Set - HP 5920 Command Reference Manual
Hide thumbs
Also See for 5920:
- Command reference manual (607 pages) ,
- Configuration manual (424 pages) ,
- Fc and fcoe configuration manual (257 pages)
Table of Contents
Advertisement
<Sysname> system-view
[Sysname] acl number 3001
[Sysname-acl-adv-3001] rule permit tcp source 10.1.1.0 0.0.0.255 destination 10.1.2.0
0.0.0.255
[Sysname-acl-adv-3001] quit
[Sysname] ipsec policy policy1 100 manual
[Sysname-ipsec-policy-manual-policy1-100] security acl 3001
Related commands
display ipsec sa
•
display ipsec tunnel
•
transform-set
Use transform-set to reference an IPsec transform set for an IPsec policy, IPsec policy template, or IPsec
profile.
Use undo transform-set to remove the IPsec transform set referenced by an IPsec policy, IPsec policy
template, or IPsec profile.
Syntax
transform-set transform-set-name&<1-6>
undo transform-set [ transform-set-name ]
Default
An IPsec policy, IPsec policy template, or IPsec profile references no IPsec transform set.
Views
IPsec policy view, IPsec policy template view, IPsec profile view
Predefined user roles
network-admin
Parameters
transform-set-name&<1-6>: Specifies an IPsec transform set by its name, a case-sensitive string of 1 to 63
characters. &<1-6> means that you can specify up to six IPsec transform sets.
Usage guidelines
A manual IPsec policy can reference only one IPsec transform set. If you specify an IPsec transform set for
the manual IPsec policy multiple times, the most recent one takes effect.
An IKE-based IPsec policy can reference six IPsec transform sets at most. During an IKE negotiation, IKE
searches for a fully matched IPsec transform set at the two ends of the IPsec tunnel. If no match is found,
no SA can be set up, and the packets expecting to be protected will be dropped.
If you do not specify the transform-set-name argument, the undo transform-set command removes all
referenced IPsec transform sets.
364
Advertisement
Table of Contents
