Q-Logic 5802V 사용자 설명서
4 – Network Configuration
Managing IP Security
59263-01 A
4-13
A
Modifying a User-Defined Policy
To modify an existing user-defined policy, enter the
Edit command in
an Admin session and an Ipsec Edit session as shown in the following example.
An asterisk (*) indicates a required entry.
An asterisk (*) indicates a required entry.
SANbox (admin-ipsec) #> ipsec policy edit h2h-sh-sp
A list of attributes with formatting and current values will follow.
Enter a new value or simply press the ENTER key to accept the current value.
To remove a value for an optional attribute, use ’n’.
If you wish to terminate this process before reaching the end of the list
press 'q' or 'Q' and the ENTER key to do so.
Current Values:
Description Host-to-host: switch->host
.
.
.
espRuleLevel require
New Value (press ENTER to not specify value, 'q' to quit, 'n' for none):
Description (string value, 0-127 bytes) :
*SourceAddress (IPv4, IPv6 or hostname/[PrefixLength]) :
SourcePort (decimal value, 1-65535) :
*DestinationAddress (IPv4, IPv6 or hostname/[PrefixLength]) :
DestinationPort (decimal value, 1-65535) :
*Protocol (decimal value, or keyword)
Allowed keywords
icmp, icmp6, ip4, tcp, udp or any : tcp
*Direction (1=in, 2=out) :
Priority (value, -2147483647 to +2147483647) :
*Action (1=discard, 2=none, 3=ipsec) :
*ProtectionDesired (select one, transport-mode only)
1=ah Authentication Header
2=esp Encapsulating Security Payload
3=both :
*ahRuleLevel (1=default, 2=use, 3=require) :
*espRuleLevel (1=default, 2=use, 3=require) :
The security policy has been edited.
This configuration must be saved with the 'ipsec save' command
before it can take effect, or to discard this configuration
use the 'ipsec cancel' command.
SANbox (admin-ipsec) #> ipsec save
The IPsec configuration will be saved and activated.
Please confirm (y/n): [n] y