Reference Guide
Usage
Information
Before you enable IPsec encryption on an OSPFv3 interface, first enable OSPFv3 globally on
the router. Configure the same encryption policy (same SPI and keys) on each interface in an
OSPFv3 link.
An SPI value must be unique to one IPsec security policy (authentication or encryption) on the
router.
When you configure encryption for an OSPFv3 area with the area encryption command,
you enable both IPsec encryption and authentication. However, when you enable
authentication on an area with the area authentication command, you do not enable
encryption at the same time.
If you have enabled IPsec authentication in an OSPFv3 area with the area
authentication
command, you cannot use the area encryption command in the
area at the same time.
The configuration of IPsec encryption on an interface-level takes precedence over an area-
level configuration. If you remove an interface configuration, an area encryption policy that has
been configured is applied to the interface.
To remove an IPsec encryption policy from an interface, enter the no area
area-id
encryption
spi
number
command.
Related
Commands
ipv6 ospf encryption – configures an IPsec encryption policy on an OSPFv3 interface.
show crypto ipsec policy – display the configuration of IPsec encryption policies.
clear ipv6 ospf process
Reset an OSPFv3 router process without removing or re-configuring the process.
Z-Series
Syntax
clear ipv6 ospf process
Command Modes
• EXEC
• EXEC Privilege
Command History
This guide is platform-specific. For command information about other platforms, refer to the
relevant
FTOS Command Line Reference Guide
.
The following is a list of the FTOS version history for this command.
Version 9.1.(0.0) Introduced on the S4810 and Z9000.
Version 8.3.19.0 Introduced on the S4820T.
Version 7.8.1.0 Added support for C-Series.
Version 7.4.1.0 Introduced on the E-Series.
1024