To Next Page

To Previous Page

348

A manual IPsec policy supports only the standard mode.

Examples

# Reference ACL 3001 for the IPsec policy policy1.

<Sysname> system-view

[Sysname] acl number 3001

[Sysname-acl-adv-3001] rule permit tcp source 10.1.1.0 0.0.0.255 destination 10.1.2.0

0.0.0.255

[Sysname-acl-adv-3001] quit

[Sysname] ipsec policy policy1 100 manual

[Sysname-ipsec-policy-manual-policy1-100] security acl 3001

# Reference ACL 3002 for the IPsec policy policy2 and specify the data protection mode as aggregation.

<Sysname> system-view

[Sysname] acl number 3002

[Sysname-acl-adv-3002] rule 0 permit ip source 10.1.2.1 0.0.0.255 destination 10.1.2.2

0.0.0.255

[Sysname-acl-adv-3002] rule 1 permit ip source 10.1.3.1 0.0.0.255 destination 10.1.3.2

0.0.0.255

[Sysname] ipsec policy policy2 1 isakmp

[Sysname-ipsec-policy-isakmp-policy2-1] security acl 3002 aggregation

Related commands

• display ipsec sa

• display ipsec tunnel

snmp-agent trap enable ipsec

Use snmp-agent trap enable ipsec command to enable SNMP notifications for IPsec.

Use undo snmp-agent trap enable ipsec command to disable SNMP notifications for IPsec.

Syntax

snmp-agent trap enable ipsec [ auth-failure | decrypt-failure | encrypt-failure | global |

tunnel-start | tunnel-stop] *

undo snmp-agent trap enable ipsec [ auth-failure | decrypt-failure | encrypt-failure | global |

tunnel-start | tunnel-stop] *

Default

All SNMP notifications for IPsec are disabled.

Views

System view

Predefined user roles

network-admin

Parameters

auth-failure: Specifies SNMP notifications for authentication failures.

HP MSR SERIES Command Reference

Other manuals for HP MSR SERIES