Manualshelf

R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
531532533534535536537538539540
524
Default
No ACL is referenced.
Views
GDOI KS group IPsec policy view
Default command level
2: System level
Parameters
access-list-number: Specifies an ACL by its number in the range of 3000 to 3999.
name access-list-name: Specifies an ACL by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
The GDOI KS sends the ACL to GMs, which use the ACL to filter traffic, so as to determine the traffic to
be protected by TEKs.
Examples
# Configure IPsec policy 10 for the GDOI KS group abc, and then reference ACL 3000 for the IPsec
policy.
<Sysname> system-view
[Sysname]gdoi ks group abc
[Sysname-gdoi-ks-group-abc] ipsec 10
[Sysname-gdoi-ks-group-abc-ipsec-10] security acl 3000
[Sysname-gdoi-ks-group-abc-ipsec-10]
Related commands
gdoi ks group
ipsec
source address
Use source address to specify the source address for packets sent by the KS.
Use undo source address to delete the source address specified for the KS.
Syntax
source address ip-address
undo source address
Default
No source address is specified. The KS uses the source address specified in the first rule of the rekey ACL
as the source address of sent packets.
Views
GDOI KS group view
Default command level
2: System level