Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1271127212731274127512761277127812791280
A-82
Command-Line Reference
Global Configuration Context
To delete an IPsec proposal, enter the following:
Syntax: no ipsec proposal <proposal name>
Replace <proposal name> with the name of the IPsec proposal that you want
to delete.
ipsec policy
To create or edit (or delete) an IPsec policy, enter the following command:
Syntax: [no] ipsec policy <policy name>
Replace <policy name> with the unique name of the policy you are creating
or editing (1–32 alphanumeric characters).
After entering this command, you will be moved to the CLI’s IPsec context.
See “IPsec Policy Context” on page A-127.
ipsec sa
Use this command to control auto SA revalidation and the maximum number
of SA per IPsec policy.
Auto SA revalidation allows the TMS zl Module to automatically revalidate
SAs when the associated policy is changed or when the time or bandwidth
lifetime expires. If you disable auto SA revalidation, the TMS zl Module does
not revalidate the SA until a packet arrives for that SA (which might slow
processing for that packet). This feature is enabled by default.
Enter this command to enable (or disable) auto SA revalidation:
Syntax: [no] ipsec sa auto-revalidation enable
To set the maximum number of SAs that can be established using each IPsec
policy, enter the following command:
Syntax: ipsec sa maximum <maximum number>
Replace <maximum number> with the value for the maximum number of
SAs you want to allow per policy (2-10000). Note that two SAs (one inbound
and one outbound) are required for each connection.