No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

CloudEngine 8800, 7800, 6800, and 5800 V200R002C50

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ipsec sa (OSPFv3)

ipsec sa (OSPFv3)

Function

The ipsec sa command configures an Security Association (SA) in the OSPFv3 area or OSPFv3 process.

The undo ipsec sa command deletes the SA configured in the OSPFv3 area or OSPFv3 process.

By default, no SA is configured in the OSPFv3 area or OSPFv3 process.

Format

ipsec sa sa-name

undo ipsec sa

Parameters

Parameter Description Value
sa-name Specifies the name of an SA. The name of an SA must already exist.

Views

OSPFv3 view or OSPFv3 area view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

An SA defines a set of security algorithms and keys to ensure IP security. Incoming and outgoing OSPFv3 packets are authenticated and encrypted based on the rules defined by the SA.

The ipsec sa sa-name command run in the OSPFv3 process view is used to authenticate packets of the OSPFv3 process. An SA applied in an OSPFv3 process is used to authenticate the packets of the process. After an OSPFv3 process is associated with an OSPFv3 area, the SA applied in the OSPFv3 process is also applied to the OSPFv3 area.

The ipsec sa sa-name command run in the OSPFv3 area view is used to authenticate packets of the OSPFv3 area.

NOTE:
  • The SA applied in an OSPFv3 area takes precedence over that applied in an OSPFv3 process.
  • If the SA applied in the OSPFv3 area is deleted, the SA applied in the OSPFv3 process is used to authenticate packets.

Prerequisites

Basic IPSec functions have been configured.

Example

# Configure an SA named sa1 in the OSPFv3 process. (This SA has been created.)

<HUAWEI> system-view
[~HUAWEI] ospfv3 1
[*HUAWEI-ospfv3-1] ipsec sa sa1

# Configure an SA named sa2 in the OSPFv3 area. (This SA has been created.)

<HUAWEI> system-view
[~HUAWEI] ospfv3 1
[*HUAWEI-ospfv3-1] area 10.0.0.0
[*HUAWEI-ospfv3-1-area-10.0.0.0] ipsec sa sa2
Translation
Download
Updated: 2019-03-21

Document ID: EDOC1000166501

Views: 52486

Downloads: 339

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next