Alcatel-Lucent 6850-48 参照ガイド
OmniSwitch CLI Reference Guide
September 2009
page 34-1
34 IPsec commands
IPsec is a suite of protocols for securing IPv6 communications by authenticating and/or encrypting each
IPv6 packet in a data stream. IPsec provides security services such as encrypting traffic, integrity valida-
tion, authenticating the peers, and anti-replay.
IPv6 packet in a data stream. IPsec provides security services such as encrypting traffic, integrity valida-
tion, authenticating the peers, and anti-replay.
IPsec protocols operate at network layer using appropriate security protocols, cryptographic algorithms,
and cryptographic keys. The security services are provided through use of two security protocols, the
Authentication Header (AH) and the Encapsulating Security Payload (ESP), and through the use of crypto-
graphic key management procedures and protocols.
and cryptographic keys. The security services are provided through use of two security protocols, the
Authentication Header (AH) and the Encapsulating Security Payload (ESP), and through the use of crypto-
graphic key management procedures and protocols.
This implementation of IPsec supports the transport mode of operation. In this mode, only the data you
transfer (payload) in the IPv6 packet is encrypted and/or authenticated and only the payloads that are origi-
nated and destined between two endpoints are processed with IPsec.
transfer (payload) in the IPv6 packet is encrypted and/or authenticated and only the payloads that are origi-
nated and destined between two endpoints are processed with IPsec.
The pre-configured Security Policy determines the traffic that is to be rendered with IPsec protection. A
Security Association (SA) specifies the actual IPsec actions to be performed (e.g encryption using 3DES,
authentication with HMAC-SHA1). A security association is a bundle of algorithms and parameters (such
as keys) that is being used to encrypt and authenticate a particular flow in one direction. Security Associa-
tions are manually configured.
Security Association (SA) specifies the actual IPsec actions to be performed (e.g encryption using 3DES,
authentication with HMAC-SHA1). A security association is a bundle of algorithms and parameters (such
as keys) that is being used to encrypt and authenticate a particular flow in one direction. Security Associa-
tions are manually configured.
A summary of the available commands is listed here:.