Configuring An Ipsec Rule - Alcatel-Lucent OmniSwitch 9900 Series Network Configuration Manual

Omniswitch aos release 8

Configuring IPsec

-> show ipsec policy tcp_in
Name        = tcp_in
Priority    = 500
Source      = 3ffe:1:1:1::99
Destination = 3ffe:1:1:1::1
Protocol    = TCP
Direction   = in
Action      = ipsec
State       = active
Rules:
  1 : esp
Description:
  IPsec on all inbound TCP

Configuring an IPsec Rule

To configure an IPsec rule for a configured IPsec security policy, use the ipsec policy rule command
along with the policy name, index value for the IPsec policy rule, and IPsec protocol type (AH or ESP).
For example:

-> ipsec policy tcp_in rule 1 esp

The above command adds rule 1 to the IPsec security policy tcp_in and sets its protocol to ESP. The
index value determines the order in which rules are applied to the payload. The policy name
configured for the IPsec policy rule should be the same as the policy name configured for the IPsec
security policy. To first encrypt the original content of an IPv6 packet using ESP and then
authenticate the packet using AH, configure an ESP rule with an index of one and then configure
the AH rule with an index of two. For example:

-> ipsec policy tcp_in rule 1 esp
-> ipsec policy tcp_in rule 2 ah

Use the no form of this command to remove the configured IPsec rule for an IPsec security policy. For
example:

-> no ipsec policy tcp_in rule 2

Verifying IPsec rule for IPsec Policy

To verify the IPsec policy, use the show ipsec policy command. For example:

-> show ipsec policy tcp_in
Name        = tcp_in
Priority    = 500
Source      = 3ffe:1:1:1::99
Destination = 3ffe:1:1:1::1
Protocol    = TCP
Direction   = in
Action      = ipsec
State       = active
Rules:
  1 : esp,
  2 : ah
Description:
  IPsec on all inbound TCP
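
The verification step above can be scripted. The following is an added example, not part of the OmniSwitch manual: it parses show ipsec policy output in the layout printed on this page and reports when the rules do not follow the ESP-then-AH order described above. The function names, the finding messages and the embedded sample text are assumptions of this example.

```python
import re

# Constructed sample: the `show ipsec policy tcp_in` output as printed on this page.
SAMPLE = """\
Name        = tcp_in
Priority    = 500
Source      = 3ffe:1:1:1::99
Destination = 3ffe:1:1:1::1
Protocol    = TCP
Direction   = in
Action      = ipsec
State       = active
Rules:
  1 : esp,
  2 : ah
Description:
  IPsec on all inbound TCP
"""

def parse_policy(text):
    """Parse `show ipsec policy <name>` output into fields, rules and description."""
    fields, rules, desc, section = {}, {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line in ("Rules:", "Description:"):
            section = line[:-1].lower()
        elif section == "rules" and (m := re.match(r"(\d+)\s*:\s*(\w+),?$", line)):
            rules[int(m.group(1))] = m.group(2).lower()   # index -> protocol
        elif section == "description" and line:
            desc.append(line)
        elif (m := re.match(r"(\w+)\s*=\s*(.+)$", line)):
            fields[m.group(1).lower()] = m.group(2).strip()
    return {"fields": fields, "rules": rules, "description": " ".join(desc)}

def audit_policy(policy):
    """Findings for a policy intended to encrypt with ESP, then authenticate with AH."""
    findings = []
    f, rules = policy["fields"], policy["rules"]
    if f.get("state") != "active":
        findings.append("policy is not active")
    if f.get("action") != "ipsec":
        findings.append("action is not ipsec")
    order = [rules[i] for i in sorted(rules)]   # rules apply in index order
    if "esp" not in order:
        findings.append("no ESP rule: payload is not encrypted")
    elif "ah" in order and order.index("ah") < order.index("esp"):
        findings.append("AH is applied before ESP")
    return findings
```

An empty list from audit_policy(parse_policy(output)) means the policy is active, uses the ipsec action, and has its ESP rule ahead of any AH rule.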

OmniSwitch AOS Release 8 Network Configuration Guide, December 2017
