Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
451452453454455456457458459460
460 CHAPTER 25: DVPN CONFIGURATION COMMANDS
You can execute the dvpn register-type command only when the tunnel
interface is of client type.
Related command: dvpn interface-type.
The two flags are not set by default.
Example
# Prevent the DVPN server from distributing information about the client to other
clients.
[SecBlade_VPN-tunnel0] dvpn register-type undistributed
dvpn security Syntax
dvpn security acl acl-number
undo dvpn security acl
View
Tunnel interface views
Parameter
acl-number: ACL number ranging from 3000 to 3999. This argument identifies
the ACL. Packets filtered by this ACL are not IPsec-encrypted.
Description
Use the dvpn security acl command to configure the ACL used to filter packets
pass through the tunnel interface.
Use the undo dvpn security acl command to remove the ACL.
You can configure an ACL to filter packets transmitted in a DVPN domain. Those
denied by the ACL are not IPsec-encrypted.
n
This command needs to be accompanied by the acl and rule command. If you
provide the deny keyword for the rule command and specify the corresponding
ACL in the dvpn security acl command, then all packets that match the ACL are
not IPsec-encrypted.
Example
# Specify packets denied by ACL 3100 are not IPsec-encrypted.
[SecBlade_VPN] acl number 3100
[SecBlade_VPN-acl-adv-3100] rule deny ip
[SecBlade_VPN-acl-adv-3100] quit
[SecBlade_VPN] interface tunnel 0
[SecBlade_VPN-Tunnel0] dvpn security acl 3100
dvpn server Syntax
dvpn server dvpn-class-name
undo dvpn server dvpn-class-name