Manualshelf

HP VPN Firewall Appliances VPN Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
919293949596979899100
85
Related commands
sa duration
display ipsec sa duration
Examples
# Set the time-based global SA lifetime to 7200 seconds (2 hours).
<Sysname> system-view
[Sysname] ipsec sa global-duration time-based 7200
# Set the traffic-based global SA lifetime to 10240 kilobytes (10 Mbytes).
[Sysname] ipsec sa global-duration traffic-based 10240
ipsec synchronization enable
Use ipsec synchronization enable to enable IPsec stateful failover.
Use undo ipsec synchronization enable to disable IPsec stateful failover.
Syntax
ipsec synchronization enable
undo ipsec synchronization enable
Default
IPsec stateful failover is enabled.
Views
System view
Default command level
2: System level
Usage guidelines
You enable IPsec stateful failover typically on two redundant gateways in active/standby mode to ensure
instant IPsec tunnel failover for nonstop services.
Disabling IPsec stateful failover will delete all active or standby IPsec SAs and IKE SA.
Examples
# Enable IPsec stateful failover.
<Sysname> system-view
[Sysname] ipsec synchronization enable
ipsec transform-set
Use ipsec transform-set to create an IPsec transform set and enter IPsec transform set view.
Use undo ipsec transform-set to delete an IPsec transform set.
Syntax
ipsec transform-set transform-set-name
undo ipsec transform-set transform-set-name