In this section:
Use this object to configure IPsec Security Policy Database (SPD) for the SBC Core. If action
parameter is set to "protect", the SPD establishes the phase 2 criteria for the negotiation between SBC and the IKE peer. The successful completion of this negotiation results in a Security Association (SA).
Command Syntax
% set addressContext <addressContext name> ipsec spd <spd_name> action <bypass | discard | protect> localIpAddr <ipAddress> localIpPrefixLen <0-128> localPort <0-65535> mode <transport | tunnel> precedence <0-65535> protocol <0-255> remoteIpAddr <ipAddress> remoteIpPrefixLen <0-128> remotePort <0-65535> state <disabled | enabled>
Command Parameters
Command Examples
% set addressContext default ipsec spd SPD3 localIpAddr 10.16.230.2 localIpPrefixLen 32 remoteIpAddr 10.16.220.2 remoteIpPrefixLen 32 action protect protocol 17 state enabled precedence 102 % show addressContext default ipsec spd SPD3 { state enabled; precedence 102; localIpAddr 10.16.230.2; localIpPrefixLen 32; remoteIpAddr 10.16.220.2; remoteIpPrefixLen 32; protocol 17; action protect; }
Overview
Content Tools