Q-Logic 5802V User Manual

4 – Network Configuration
Managing IP Security
59263-01  A
Creating a Policy
To create a policy, enter the ipsec policy create command, as shown in the following example:
SANbox #> admin start
SANbox (admin) #> ipsec edit
SANbox (admin-ipsec) #> ipsec policy create h2h-sh-sp
  A list of attributes with formatting will follow.
  Enter a value or simply press the ENTER key to skip specifying a value.
  If you wish to terminate this process before reaching the end of the list
  press 'q' or 'Q' and the ENTER key to do so.
  Required attributes are preceded by an asterisk.
  Value (press ENTER to not specify value, 'q' to quit):
    Description        (string value, 0-127 bytes)                     :  Host-to-host: switch->host
   *SourceAddress      (hostname, IPv4, or IPv6 Address/[PrefixLength]):  fe80::2c0:ddff:fe03:d4c1
    SourcePort         (decimal value, 1-65535)                        :  
   *DestinationAddress (hostname, IPv4, or IPv6 Address/[PrefixLength]):  fe80::250:daff:feb7:9d02
    DestinationPort    (decimal value, 1-65535)                        :  
   *Protocol           (decimal value, or keyword)                     
                         Allowed keywords
                           icmp, icmp6, ip4, tcp, udp or any           :  any
   *Direction          (1=in, 2=out)                                   :  2
    Priority           (value, -2147483647 to +214783647)              :  
   *Action             (1=discard, 2=none, 3=ipsec)                    :  3
   *ProtectionDesired  (select one, transport-mode only)               
                         1=ah   Authentication Header
                         2=esp  Encapsulating Security Payload
                         3=both                                        :  2
   *espRuleLevel       (1=default, 2=use, 3=require)                   :  3
 
  The security policy has been created.
  This configuration must be saved with the 'ipsec save' command
  before it can take effect, or to discard this configuration
  use the 'ipsec cancel' command.
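
Before running 'ipsec save', a captured copy of the dialog can be checked against the ranges and choices its own prompts print. The following is an added example, not part of the manual or of the switch firmware; the names parse_dialog, audit and SAMPLE are this example's own, and SAMPLE is constructed input.

```python
import re

# Keywords and choices as printed in the prompts of the session above.
PROTOCOLS = {"icmp", "icmp6", "ip4", "tcp", "udp", "any"}
CHOICES = {"Direction": "12", "Action": "123",
           "ProtectionDesired": "123", "espRuleLevel": "123"}

def parse_dialog(text):
    """Return ({attribute: answer}, {required attributes}) from a captured dialog."""
    answers, required, current = {}, set(), None
    for line in map(str.rstrip, text.splitlines()):
        head = re.match(r"\s*(\*?)([A-Za-z]\w*)\s+\(", line)
        if head:
            star, current = head.groups()
            required.update([current] if star else [])  # asterisk marks required
        # The answer follows the prompt's colon; long prompts end on a later line.
        tail = re.search(r":(?:\s{2,}(.*))?$", line)
        if tail and current:
            answers[current], current = tail.group(1) or "", None
    return answers, required

def audit(text):
    """Return findings for one dialog; an empty list means nothing was flagged."""
    ans, required = parse_dialog(text)
    out = [f"{a}: required but empty" for a in sorted(required) if not ans.get(a)]
    for a in ("SourcePort", "DestinationPort"):
        v = ans.get(a, "")
        if v and not (v.isdecimal() and 1 <= int(v) <= 65535):
            out.append(f"{a}: {v!r} not in 1-65535")
    proto = ans.get("Protocol", "")
    if proto and not (proto in PROTOCOLS or proto.isdecimal()):
        out.append(f"Protocol: {proto!r} is not a listed keyword or decimal value")
    for a, allowed in CHOICES.items():
        v = ans.get(a, "")
        if v and (len(v) != 1 or v not in allowed):
            out.append(f"{a}: {v!r} is not a listed choice")
    # Review note: this example's own judgement, not a rule from the manual.
    if ans.get("ProtectionDesired") == "1":
        out.append("ProtectionDesired: AH authenticates only, payload is not encrypted")
    return out

# Constructed, abridged answers (not from the manual): bad port, empty required field, AH only.
SAMPLE = """\
    SourcePort         (decimal value, 1-65535)                        :  70000
   *DestinationAddress (hostname, IPv4, or IPv6 Address/[PrefixLength]):
   *ProtectionDesired  (select one, transport-mode only)
                         3=both                                        :  1
"""
print("\n".join(audit(SAMPLE)))
```
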