HP MSR Series Command Reference Manual page 364

Predefined user roles
network-admin
Parameters
transform-set-name&<1-6>: Specifies a space-separated list of up to six IPsec transform sets by their
names, a case-insensitive string of 1 to 63 characters.
Usage guidelines
A manual IPsec policy can reference only one IPsec transform set. If you specify an IPsec transform set for
the manual IPsec policy multiple times, the most recent configuration takes effect.
An IKE-based IPsec policy can reference six IPsec transform sets at most. During an IKE negotiation, IKE
searches for a fully matched IPsec transform set at the two ends of the IPsec tunnel. If no match is found,
no SA can be set up, and the packets expecting to be protected will be dropped.
If you do not specify the transform-set-name argument, the undo transform-set command removes all
referenced IPsec transform sets.
Examples
# Reference the IPsec transform set prop1 for the IPsec policy policy1.
<Sysname> system-view
[Sysname] ipsec transform-set prop1
[Sysname-ipsec-transform-set-prop1] quit
[Sysname] ipsec policy policy1 100 manual
[Sysname-ipsec-policy-manual-policy1-100] transform-set prop1
Related commands
• ipsec { ipv6-policy | policy }
ipsec profile
•
ipsec transform-set
•
350