Alcatel-Lucent 6850-48 Reference Guide
IPsec commands
OmniSwitch CLI Reference Guide
September 2009
page 34-11
ipsec sa
Configures an IPsec Security Association (SA).
ipsec sa sa_name {esp | ah} [source ipv6_address] [destination ipv6_address] [spi spi] [encryption
{null | des-cbc | 3des-cbc | aes-cbc [key-size key_length] | aes-ctr [key-size key_length]}] [authentica-
tion {none | hmac-md5 | hmac-sha1 | aes-xcbc-mac}] [description description] [no shutdown | shut-
down]
{null | des-cbc | 3des-cbc | aes-cbc [key-size key_length] | aes-ctr [key-size key_length]}] [authentica-
tion {none | hmac-md5 | hmac-sha1 | aes-xcbc-mac}] [description description] [no shutdown | shut-
down]
no ipsec sa name
Syntax Definitions
sa_name
The name assigned to this IPsec SA.
esp
Specifies the type of security association as ESP.
ah
Specifies the type of security association as AH.
source ipv6_address
Specifies the source address of the IPv6 traffic that will be covered by
the SA.
the SA.
destination ipv6_address
Specifies the destination address of the IPv6 traffic that will be covered
by the SA.
by the SA.
spi
The Security Parameters Index (SPI) for the SA.
encryption
Specifies the encryption algorithm to be used for traffic covered by the
SA. This parameter is used only when the SA type is ESP.
SA. This parameter is used only when the SA type is ESP.
key_length
Key length for the specified encryption algorithm.
authentication
Specifies the authentication algorithm to be used for traffic covered by
the SA.
the SA.
description
The detailed description of the SA.
no shutdown
Administratively enables the SA.
shutdown
Administratively disables the SA.
Defaults
Platforms Supported
OmniSwitch 6850, 9000, 9000E
parameter
Defaults
authentication {none | hmac-
md5 | hmac-sha1 | aes-xcbc-
mac}
md5 | hmac-sha1 | aes-xcbc-
mac}
none (ESP SAs only; no default
value for AH SAs)
value for AH SAs)
no shutdown | shutdown
no shutdown