TMS zl Management and Configuration Guide ST.1.2.100916
A-132
Command-Line Reference
IPsec Policy Context
Therefore, it is very important that you are ready to complete the IPsec policy
before entering the IPsec policy context. Otherwise, you will have to exit the
IPsec policy context without entering the apply command, causing you to lose
any configurations that you have made to your policy. To ready yourself to
create an Apply IPsec policy, you must first create:
■ An IKEv1 policy (unless you are using manual keying)
■ An IPsec proposal
You do not need to complete any prior configurations to create a Deny or
Bypass IPsec policy.
To enter the IPsec context, enter the following command:
Syntax: ipsec policy <policy name>
Replace <policy name> with the name of the IPsec policy that you are
configuring. This can be a new policy that you are creating or an existing policy
that you want to edit.
To verify your location in the CLI, check the prompt. In the IPsec policy
context, the prompt is hostswitch(tms-module-<slot ID>:ipsec)#.
To exit the IPsec policy context, enter the following command:
Syntax: exit
If you have not applied your configuration, you will be warned that you will
lose the IPsec policy information and prompted to continue.
The sections below document the commands available in the IPsec policy
context. You can:
■ Set the action (page A-133)
■ Set the policy’s position (page A-133)
■ Enable the policy (page A-133)
■ Set the traffic selector (page A-135)
■ Preview the IPsec policy (page A-134)
■ Apply the IPsec policy (page A-133)