2133

View IPSec policy view/IPSec policy template view

Parameter peer-name: IKE peer name, a string of 1 to 15 characters.

Description Use the ike-peercommand to reference an IKE peer in an IPSec policy or IPSec policy template configured through IKE negotiation.

Use the undo ike peer command to remove the reference of an IKE peer.

Note that this command applies to only IKE negotiation mode.

Related command: ipsec policy-template.

Example # Configure a reference to an IKE peer in an IPSec policy.

<Sysname> system-view

[Sysname] ipsec policy policy1 10 isakmp

[Sysname-ipsec-policy-isakmp-policy1-10] ike-peer peer1

ipsec binding policy

Syntax ipsec binding policy policy-name[ seq-number] [ primary ]

undo ipsec binding policy policy-name[ seq-number] [ primary ]

View Encryption card interface view

Parameter policy-name: Name of the IPSec policy, a case insensitive string of 1 to 15 characters. Valid characters are English letters and numbers. No minus sign “-” can be included.

seq-number: Sequence number of the IPSec policy, in the range of 1 to 10000, with a smaller value indicating a higher priority.

primary: Specifies the current encryption card as the primary card of the IPSec policy.

Description Use the ipsec binding policy command to bind an IPSec policy or an IPSec policy group to the encryption card interface.

Use the undo ipsec binding policy command to remove the binding.

By default, an encryption card interface is bound with no IPSec policy.

Note that:

An IPSec policy group can be bound to an encryption card either before or after it is applied to an interface as long as you create it first. After binding an IPSec policy group to an encryption card, you must apply it to at least one interface so that the flows matching the policy are to be processed with the encryption card.

Page 2133
Image 2133
3Com MSR 50, MSR 30 manual Ipsec binding policy, Related command ipsec policy-template, 2133