Brocade Communications Systems 8 Command Reference Manual page 479

To display all IPSec transforms:
To display all IPSec traffic selectors:
Using the help command
To use the --help command with arguments to display the syntax of specific types and subtypes:
Fabric OS Command Reference
53-1001764-02
switch:admin> ipsecconfig --show policy ips transform -a
policy-A-B action:auto_ipsec
local:10.33.69.132
sa-proposal:ipsec-esp-a-b
ike-policy:remote-B
switch:admin> ipsecconfig --show policy ips selector -a
slt-A-B-any local:10.33.69.132
direction:outbound
transform-used:policy-A-B
slt-B-A-any local:10.33.74.13
direction:inbound
transform-used:policy-A-B
switch:admin>ipsecconfig --help add policy ips selector
Usage: ipsecConfig --add policy ips selector ARGUMENTS
ARGUMENTS
-tag <name>
-direction <in|out>
-local <addr>
-remote <addr>
-transform <name>
[-protocol <name>]
switch:admin> ipsecconfig
Usage: ipsecConfig --modify policy ike ARGUMENTS
ARGUMENTS
-tag <name>
-remote <addr>
-id <identifier>
-remoteid <identifier>
-enc <ALGORITHM>
-hash <ALGORITHM>
-prf <ALGORITHM>
-dh <number>
ENCRYPTION ALGORITHM
3des_cbc, aes128_cbc, aes256_cbc, null_enc
HASH ALGORITHM
hmac_md5, hmac_sha1, aes_xcbc
PRF ALGORITHM
hmac_md5, hmac_sha1, aes_xcbc
DH-GROUP
modp768(1), modp1024(2), modp2048(14), modp8192(18)
mode:transport
remote:10.33.74.13
remote:10.33.74.13
upper-layer-protocol:any
remote:10.33.69.132
upper-layer-protocol:any
help modify policy ike
--
ipSecConfig
selector name
traffic flow direction
source IPv4 or IPv6 address
peers IPv4 or IPv6 address
transform name
protocol nam
ike policy name
peers ipaddress
local identifier
peers identifier
encryption algorithm
hash algorithm
prf algorithm
dh group number
2
447