Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1311131213131314131513161317131813191320
A-82
Command-Line Reference
Global Configuration Context
ipsec enable
To enable (or disable) IPsec globally, enter the following command.
Syntax: [no] ipsec enable
ipsec icmp
ICMP error messages may not be allowed by the traffic selectors that select
traffic for the VPN tunnel. However, these error messages are often necessary
for a session. When you enable the TMS zl Module to send ICMP messages, it
will return an ICMP error message when it receives bad or inconsistent data.
When you enable the module to handle ICMP messages the module will accept
incoming ICMP error messages.
Both of these functions are enabled by default.
To enable (or disable) the TMS zl Module to send or handle (accept) ICMP
error messages, enter the following command.
Syntax: [no] ipsec icmp < send | handle > enable
ipsec ikev1
To create or edit (or delete) an IKEv1 policy and enter the IKEv1 context, enter
the following:
Syntax: [no] ipsec ikev1 <policy name>
Replace <policy name> with the unique name of the IKE policy that you are
creating or editing (1–15 alphanumeric characters).
After entering this command, you will be moved to the CLI’s IKEv1 context.
See “IKEv1 Context” on page A-123.
To delete an IKE policy, use the no option. Replace <policy name> with the
name of the IKE policy that you want to delete.
ipsec ip-compression
Use this command to set the minimum packet size for IP compression. When
IP compression is enabled for an SA (as specified in the IPsec policy advanced
settings), all packets of this size or larger will be compressed.
Enter the following command:
Syntax: ipsec ip-compression packet size <size>