Manualshelf

Command Reference Guide

ManualsBrandsHP ManualsRoutersHP 3000 Router Series
1141114211431144114511461147114811491150
3Com Router 3000 Ethernet Family
Command Reference Guide
Chapter 5 IPSec Configuration Commands
3Com Corporation
5-18
[3Com-ipsec-policy-isakmp-newpolicy1-100]
5.1.13 ipsec policy-template
Syntax
ipsec policy-template template-name seq-number
undo ipsec policy-template template-name [ seq-number ]
View
System view
Parameter
template-name: Name of the IPSec policy template, an alphanumeric string of 1 to 15
characters, case insensitive, excluding minus signs (-).
seq-number: Number of the IPSec policy template, in the range 1 to 10000. In one
IPSec policy template group, the smaller the serial number of an IPSec policy template,
the higher its preference.
Description
Use the ipsec policy-template command to establish or modify an IPSec policy
template, and enter IPSec policy template view.
Use the undo ipsec policy-template template-name command to delete the IPSec
policy template group named template-name.
Use the undo ipsec policy-template template-name seq-number command to delete
the IPSec policy template with the name of template-name and the serial number of
seq-number.
By default, no IPSec policy template exists.
A policy template that has been created with the name of template-name can be
referenced by the ipsec policy policy-name seq-number isakmp template
template-name command to create an IPSec policy.
The IPSec policy template and the security policy of IPSec IPSAMP negotiation share
the same kinds of arguments, including the referenced IPSec proposal, the protected
traffic, PFS feature, lifetime, and the address of the remote tunnel end. However, you
should note that the proposal argument is compulsory to be configured whereas other
arguments are optional. If an IPSec policy template is used for the policy match
operation undertaken in an IKE negotiation, the configured arguments must be
matched, and the settings of the initiator will be used if the corresponding arguments
have not been configured.
Related command: ipsec policy, security acl, tunnel local, tunnel remote,
proposal, display ipsec policy, ike-peer.