TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

1391

A-164

Command-Line Reference

IPsec Policy Context

ProCurve(tms-module-<slot ID>:ipsec:apply)# advanced

copy-dscp enable df-bit-handling clear

ProCurve(tms-module-<slot ID>:ipsec:apply)# preview

IPsec policy

-------------------------------------------------------

*Policy Name: policytest

Status: Enabled

Action: Apply

Direction: Both

Position: 1

Traffic Selector

*Protocol: Any

*Local Address: 10.1.5.0/24

*Remote Address: 10.2.15.0/24

IPsec Proposal

*Policy Name: testprop

Key Management

Key Exchange Method: Auto (with IKEv1)

*IKEv1 Policy: iketest

PFS (Perfect Forward Secrecy) for keys: Enabled

Diffie-Hellman (DH) Group: Group 2 (1024)

SA Lifetime in Seconds: 28800

SA Lifetime in Kilobytes: 100000

IP Address Pool for IRAS: Disabled

Advanced Settings

IP compression: Enabled

Anti-Replay Window Size: 64

Extended sequence number: Enabled

Re-key on sequence number overflow: Enabled

Persistent tunnel: Disabled

Fragment before IPsec: Enabled

Copy DSCP value from clear packet: Enabled

DF Bit Handling: Clear DF bit.

ProCurve(tms-module-<slot ID>:ipsec:apply)# apply

ProCurve(tms-module-<slot ID>:ipsec)# exit

ProCurve(tms-module-<slot ID>:config)# exit