Alcatel-Lucent 6850-48 Reference Guide
IPsec commands
OmniSwitch CLI Reference Guide
September 2009
page 34-9
ipsec policy rule
Configures an IPsec rule for an IPsec security policy.
ipsec policy policy_name rule index [ah | esp]
no ipsec policy policy_name rule index
Syntax Definitions
policy_name
The name of an existing IPsec security policy.
index
The index of this rule. Values range from 1 to 10.
ah
Specifies that the rule requires the presence of an Authentication Header
(AH).
(AH).
esp
Specifies that the rule requires the presence of an Encrypted Security
Payload (ESP).
Payload (ESP).
Defaults
N/A
Platforms Supported
OmniSwitch 6850, 9000, 9000E
Usage Guidelines
• The IPsec security policy name specified with this command must already exist in the switch configu-
ration. Use the ipsec policy command to create a new security policy.
• The index value configured for the IPsec policy rule determines the order in which a rule is applied to
the original payload. For example, to first enclose the original contents of an IPv6 packet in an ESP
and then authenticate the encrypted payload with an AH, configure the ESP rule with and index of one
and the AH rule with an index of two.
and then authenticate the encrypted payload with an AH, configure the ESP rule with and index of one
and the AH rule with an index of two.
Examples
-> ipsec policy tcp_in rule 1 esp
-> ipsec policy tcp_in rule 2 ah
-> no ipsec policy tcp_in rule 2
Release History
Release 6.3.4; command was introduced.
Related Commands
Configures an IPsec security policy.
Displays the IPsec security policy configuration for the switch.