No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR500, AR510, and AR530 V200R007 Commands Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ipsec profile (system view)

ipsec profile (system view)

Function

The ipsec profile command creates an IPSec profile and enters the IPSec profile view.

The undo ipsec profile command deletes an IPSec profile.

By default, no IPSec profile is configured.

Format

ipsec profile profile-name

undo ipsec profile profile-name

Parameters

Parameter

Description

Value

profile-name

Specifies the name of an IPSec profile.

The value is a string of 1 to 12 case-sensitive characters without question marks (?) or spaces.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

An IPSec profile is similar to an IPSec policy. The differences are as follows: The IPSec profile is identified by its name. The IPSec profile can be configured only in IKE negotiation mode. The IPSec profile does not support ACL configuration. The IPSec profile can be applied to only an IPSec tunnel interface. An IPSec profile defines IPSec proposals used to protect data flows, IKE negotiation parameters for SA setup, SA lifetime, and PFS status. After an IPSec profile is applied to an IPSec tunnel interface, only one IPSec tunnel is created. The IPSec tunnel protects all the data flows routed to the IPSec tunnel interface, simplifying IPSec policy management.

Follow-up Procedure

Define negotiated IPSec parameters in the IPSec profile view and run the ipsec profile (interface view) command to apply the IPSec profile to an interface.

Precautions

You do not need to specify local-address or remote-address for an IKE peer referenced by an IPSec profile. During IKE negotiation, the IPSec profile uses the source and destination addresses of the IPSec tunnel interface.

Example

# Create an IPSec profile named profile1.
<Huawei> system-view
[Huawei] ipsec profile profile1
[Huawei-ipsec-profile-profile1] 
Translation
Download
Updated: 2019-05-29

Document ID: EDOC1000097293

Views: 47831

Downloads: 102

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next