3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide
382 CHAPTER 22: IPSEC CONFIGURATION COMMANDS
Example
# Establish an IPsec policy template with the name of template1 and the serial
number of 100.
[SecBlade_VPN] ipsec policy-template template1 100
[SecBlade_VPN-ipsec-policy-template- template1-100]
ipsec proposal Syntax
ipsec proposal proposal-name
undo ipsec proposal proposal-name
View
System view
Parameter
proposal-name: Name of the specified proposal. The naming rule is: the length of
the name is 1 to 15 characters, case insensitive.
Description
Use the ipsec proposal proposal-name command to establish or modify a
proposal named proposal-name, and enter IPsec proposal view.
Use the undo ipsec proposal proposal-name command to delete the proposal
named proposal-name.
By default, no proposal exists.
This proposal is a combination of the security protocol, encryption and
authentication algorithm and packet encapsulation format for implementing IPsec
protection.
An IPsec policy determines the protocol, algorithm and encapsulation mode to be
adopted by the use of the proposal. Before the IPsec policy uses a proposal, this
proposal must have already been set up.
After a new IPsec proposal is established by using the IPsec proposal command,
the ESP protocol, DES encryption algorithm and MD5 authentication algorithm are
adopted by default.
Related command: ah authentication-algorithm, esp encryption-algorithm,
esp authentication-algorithm, encapsulation-mode, proposal, display ipsec
proposal and transform.
Example
# Establish a proposal named newprop1.
[SecBlade_VPN] ipsec proposal newprop1
ipsec sa global-duration Syntax
ipsec sa global-duration { time-based seconds | traffic-based kilobytes }
undo ipsec sa global-duration { time-based | traffic-based }