No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


FAQ-What Is the Function of the seq-number Parameter When an IPSec Policy Is Created?

Publication Date:  2019-01-24 Views:  304 Downloads:  0

Issue Description

What is the function of the seq-number parameter when an IPSec policy is created?


You can create multiple IPSec policies with the same name on a USG9000 to form an IPSec policy group. In an IPSec policy group, the IPSec policy is uniquely identified by the name (policy-name) and sequence number (seq-number). A smaller seq-number value indicates a higher IPSec policy priority.

When an IPSec policy group is applied to an interface, all IPSec policies in the group are applied. The USG9000 preferentially processes the IPSec policy with a smaller seq-number and establishes an IPSec tunnel for the data flow defined in the policy.