R2511-HP MSR Router Series Security Command Reference(V5)
211
Views
System view
Default command level
2: System level
Parameters
policy-name: Specifies the name for the IPsec policy, a case-insensitive string of 1 to 15 characters. No
minus sign (-) can be included.
seq-number: Specifies the sequence number for the IPsec policy, in the range of 1 to 65535.
isakmp template template-name: Specifies the name of the IPsec policy template to be referenced.
Usage guidelines
In an IPsec policy group, an IPsec policy with a smaller sequence number has a higher priority.
After you create an IPsec policy by referencing an IPsec policy template, to modify the configuration for
the IPsec policy, you must enter the IPsec policy template view instead of the IPsec policy view.
You cannot change the negotiation mode of an IPsec policy. To do so, you must delete the IPsec policy
and then re-create it.
Related commands
• ipsec policy (system view)
• ipsec policy-template
Examples
# Create an IPsec policy with the name policy2 and sequence number 200 by referencing IPsec policy
template temp1.
<Sysname> system-view
[Sysname] ipsec policy policy2 200 isakmp template temp1
ipsec policy local-address
Use ipsec policy local-address to configure an IPsec policy group as a shared source interface policy
group. This equals binding the IPsec policy group to a source interface. Only loopback interfaces can be
source interfaces.
Use undo ipsec policy local-address to remove a shared source interface policy group.
Syntax
ipsec policy policy-name local-address loopback number
undo ipsec policy policy-name local-address
Views
System view
Default command level
2: System level
Parameters
policy-name: Specifies the name of an IPsec policy, a case-insensitive string of 1 to 15 characters. Valid
characters are English letters and numbers. No minus sign (-) can be included.