What is the function of the seq-number parameter when an IPSec
policy is created?
You can create multiple IPSec policies
with the same name on a USG9000 to form an IPSec policy group. In an IPSec
policy group, the IPSec policy is uniquely identified by the name (policy-name) and sequence number (seq-number). A smaller seq-number value indicates a higher
IPSec policy priority.
When an IPSec policy
group is applied to an interface, all IPSec policies in the group are applied.
The USG9000 preferentially processes the IPSec policy with a smaller seq-number
and establishes an IPSec tunnel for the data flow defined in the policy.