Command Reference Guide
3Com Router 3000 Ethernet Family
Command Reference Guide
Chapter 5 IPSec Configuration Commands
3Com Corporation
5-35
As for the ipsec policy in manual mode, it is necessary to set the local address before
the SA can be established. A security tunnel is set up between the local and remote end,
so the local address and remote address must be correctly configured before a security
tunnel can be set up.
Related command: ipsec policy(system view), ipsec policy(interface view), security
acl , tunnel remote, sa duration and proposal.
Example
# Set the local address for the ipsec policy, which is applied at serial 4/1/2 whose IP
address is 10.0.0.1.
[3Com] ipsec policy guangzhou 100 manual
[3Com-ipsec-policy-manual-guangzhou-100] tunnel local 10.0.0.1
[3Com-ipsec-policy-manual-guangzhou-100] quit
[3Com] interface serial 4/1/2
[3Com-Serial4/1/2] ipsec policy guangzhou
5.1.28 tunnel remote
Syntax
tunnel remote ip-address
undo tunnel remote [ ip-address ]
View
Manually-established IPSec policy view
Parameter
ip-address: Remote address in dotted decimal format.
Description
Use the tunnel remote command to set the remote address of an ipsec policy.
Use the undo tunnel remote command to delete the remote address in the ipsec
policy.
By default, the remote address of an ipsec policy is not configured.
For the ipsec policy in manual mode, only one remote address can be set. If a remote
address is already set, this existing address must be deleted before a new one can be
set.
The security tunnel is established between the local and remote ends. The remote
address must be set correctly on both ends of the security tunnel.
Related command: ipsec policy (system view), ipsec policy (interface view),
security acl, tunnel local, sa duration, proposal.