Manualshelf

Specifications

ManualsBrandsEfficient Networks ManualsComputer equipmentRouter family Command line interface
331332333334335336337338339340
Chapter 8. Command Reference 339
none Perfect Forward Secrecy negotiation is not required for this connection.
PolicyName Name of the IPsec policy to which the pfs parameter value is added. To see the policy names,
use the ike ipsec policies list command.
Example: ike ipsec policies set pfs 2 mypolicy
IKE IPSEC POLICIES SET PROPOSAL
Defines a proposal filtering parameter value for the policy. The proposal parameter specifies an IKE IPSec
proposal that may be used for the connection. (It must have been defined by IKE IPSec proposal commands; see
IKE IPSec Proposal Commands, on page 141.)
Unlike the other filtering parameters, the policy may allow more than one value for the proposal parameter. For
example, two set proposal commands could specify two proposals, either of which could be used by the
connection. See IKE IPSec Policy Commands, on page 142.
ProposalName Name of an IKE proposal. To see the IKE proposal names, use the ike proposals list
command.
PolicyName Name of the IPsec policy to which the proposal parameter value is added. To see the policy
names, use the ike ipsec policies list command.
Example: ike ipsec policies set proposal myproposal mypolicy
IKE IPSEC POLICIES SET PROTOCOL
Defines a protocol filtering parameter value for the policy. The protocol parameter requires a specific protocol
that must be used or allows any protocol (*).
ProtocolNumber Protocol required by the policy. The protocol can be specified by number or by name
TCP (TCP or UDP). To allow data through for any protocol, specify an asterisk (*).
UDP
*
PolicyName Name of the IPsec policy to which the protocol parameter value is added. To see the
policy names, use the ike ipsec policies list command.
Example: ike ipsec policies set protocol * mypolicy
ike ipsec policies set protocol tcp webpolicy
IKE IPSEC POLICIES SET SOURCE
Defines a source filtering parameter value for the policy. The source parameter requires the data come from the
specified source IP address and mask. The source is the device or network that sent the packet, not the router that
routes the packet.
ike ipsec policies set proposal <ProposalName> <PolicyName>
ike ipsec policies set protocol <ProtocolNumber | TCP | UDP | *> <PolicyName>