Command Reference Guide
3Com Router 3000 Ethernet Family
Command Reference Guide
Chapter 5 IPSec Configuration Commands
3Com Corporation
5-16
any of the access control lists used by all the ipsec policies, it will be directly transmitted
(that is, IPSec will not protect the packet).
To prevent transmitting any unencrypted packet from the interface, it is necessary to
use the firewall together with IPSec; the firewall is for dropping all the packets that do
not need to be encrypted.
Related command: ipsec policy(system view).
Example
# Apply an ipsec policy whose name is policy1 to interface Serial 4/1/2.
[3Com] interface serial 4/1/2
[3Com-Serial4/1/2] ipsec policy policy1
5.1.12 ipsec policy (in System View)
Syntax
ipsec policy policy-name seq-number [ manual | isakmp [ template template-name ] ]
undo ipsec policy policy-name [ seq-number ]
View
System view
Parameter
policy-name: Name of the ipsec policy. The naming rule is: the length of the name is 1
to 15 characters, the name is case insensitive and the characters can be English
characters or numbers, cannot include “-”.
seq-number: Sequence number of the ipsec policy, ranging 1 to 10000, with lower
value indicating higher sequence priority.
manual: Sets up SA manually.
isakmp: Sets up SA through IKE negotiation.
template: Dynamically sets up SA by using policy template. The policy-name
discussed here will reference template-name which is a created policy template thus
named.
template-name: Name of the template.
Description
Use the ipsec policy command to establish or modify an ipsec policy, and enter IPSec
policy view.
Use the undo ipsec policy policy-name command to delete an IPSec policy group
whose name is policy-name.