Specifications
336 Chapter 8. Command Reference
IKE IPSEC POLICIES ENABLE
Enables an IPSec policy. An enable command is required for each new policy; the enable command indicates that
the specification of the policy is complete and the policy is ready to be used. The enable command can also be
used to re-enable a disabled policy. For more information, see IKE IPSec Policy Commands, on page 142.
PolicyName Name of the IPsec policy. To see the policy names, use the ike ipsec policies list command.
Example: ike ipsec policies enable mypolicy
IKE IPSEC POLICIES LIST
Lists the IPSec policies. For more information, see IKE IPSec Policy Commands, on page 142.
Example:
# ike ipsec policies list
IKE IPSec policies:
mypolicy (enabled)
Source address/mask: 192.168.16.0/255.255.255.0
Destination address/mask: 192.168.23.0/255.255.255.0
Protocol: *
Source port: *
Destination port: *
Tunnel mode
Peer: my_aggressive_peer (0.0.0.0)
Proposals: myproposal
IKE IPSEC POLICIES SET DEST
Defines a destination filtering parameter value for the policy. The destination parameter requires that the data be
intended for the specified destination IP address and mask. The destination is the device or network that finally
receives the packet, not the router that routes the packet.
IPaddress IP address allowed to be the destination of the data (4 decimals separated by periods).
IPmask IP network mask (4 decimals separated by periods).
PolicyName Name of the IPsec policy to which the destination parameter value is added. To see the policy
names, use the ike ipsec policies list command.
Example: ike ipsec policies set dest 192.168.16.0 255.255.255.0 mypolicy
ike ipsec policies enable <PolicyName>
ike ipsec policies list
ike ipsec policies set dest <IPaddress> <IPmask> <PolicyName>