Configuring IPsec
Quick Steps for Configuring an IPsec Discard
Policy
IPsec can be used for discarding IP traffic as well as configuring encryption and authentication. For
discard policies, no rules, SAs or keys need to be defined.
1
Define the policy. The commands below use similar policy information as in the previous example but
the action has been changed to discard:
-> ipsec policy Discard_ALLoutMD5 source 664:1:1:1::199/64 destination
664:1:1:1::1/64 protocol any out discard no shutdown
-> ipsec policy Discard_ALLinMD5 source 664:1:1:1::1/64 destination
664:1:1:1::199/64 protocol any in discard no shutdown
2
Use the following show commands to verify the IPsec configuration:
-> show ipsec policy
-> show ipsec ipv6 statistics
OmniSwitch AOS Release 6 Network Configuration Guide
Quick Steps for Configuring an IPsec Discard Policy
September 2009
page 27-5