User guide
Chapter 5. Command Line Interface Reference 249
IKE IPSEC POLICIES ENABLE
Enables an IPSec policy. An enable command is required for each new policy; the enable command indicates that
the specification of the policy is complete and the policy is ready to be used. The enable command can also be
used to re-enable a disabled policy. For more information, see IKE IPSec Policy Commands, on page 127.
ike ipsec policies enable <PolicyName>
PolicyName Name of the IPsec policy. To see the policy names, use the ike ipsec policies list command.
Example: ike ipsec policies enable mypolicy
IKE IPSEC POLICIES LIST
Lists the IPSec policies. For more information, see IKE IPSec Policy Commands, on page 127.
ike ipsec policies list
Example:
# ike ipsec policies list
IKE IPSec policies:
mypolicy (enabled)
Source address/mask: 192.168.16.0/255.255.255.0
Destination address/mask: 192.168.23.0/255.255.255.0
Protocol: *
Source port: *
Destination port: *
Tunnel mode
Peer: my_aggressive_peer (0.0.0.0)
Proposals: myproposal
IKE IPSEC POLICIES SET DEST
Defines a destination filtering parameter value for the policy. The destination parameter requires that the data be
intended for the specified destination IP address and mask. The destination is the device or network that finally
receives the packet, not the router that routes the packet.
ike ipsec policies set dest <IPaddress> <IPmask> <PolicyName>
IPaddress IP address allowed to be the destination of the data (4 decimals separated by periods).
IPmask IP network mask (4 decimals separated by periods).
PolicyName Name of the IPsec policy to which the destination parameter value is added. To see the policy
names, use the ike ipsec policies list command.
Example: ike ipsec policies set dest 192.168.16.0 255.255.255.0 mypolicy