321
Default
No IPsec policy is applied to an interface.
Views
Interface view
Predefined user roles
network-admin
Parameters
ipv6-policy: Specifies an IPv6 IPsec policy.
policy: Specifies an IPv4 IPsec policy.
policy-name: Name of an IPsec policy, a case-insensitive string of 1 to 63 characters.
Usage guidelines
You can apply only one IPsec policy on an interface. To apply a new IPsec policy to the interface, you
must first remove the IPsec policy that is already applied to the interface.
An IKE-based IPsec policy can be applied to multiple interfaces. However, HP recommends that you
apply an IKE-based IPsec policy to only one interface. A manual IPsec policy can be applied to only one
interface.
Examples
# Apply the IPsec policy policy1 to interface GigabitEthernet 2/1/2.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/1/2
[Sysname-GigabitEthernet2/1/2] ipsec apply policy policy1
Related commands
• display ipsec { ipv6-policy | policy }
• ipsec { ipv6-policy | policy }
ipsec decrypt-check enable
Use ipsec decrypt-check enable to enable ACL checking for de-encapsulated IPsec packets.
Use undo ipsec decrypt-check to disable ACL checking for de-encapsulated IPsec packets.
Syntax
ipsec decrypt-check enable
undo ipsec decrypt-check enable
Default
ACL checking for de-encapsulated IPsec packets is enabled.
Views
System view
Predefined user roles
network-admin
To Next Page
Loading...
Need help?
General
