Command Reference Guide
security acl ● 3Com Router 5000 Family and Router 6000 Family Command Reference
■ Per-session mode: Identifies the ACL that a packet matches, and then establishes a
tunnel to protect the packets that share the same source and destination
addresses as this packet. Because packets with different source and destination
addresses are likely to match the same ACL rule, multiple tunnels are established
in per-session mode to protect the traffic covered by that one rule.
The ACL referenced by this command defines the data flow that the IPSec policy
protects. IPSec uses the rules in the ACL to determine which packets need security
protection and which do not. A packet permitted by the access control list is
protected; a packet denied by the access control list is not protected. Denied
packets are sent out directly without IPSec protection.
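The following Python model is an added illustration, not code or configuration from the 3Com reference. It shows the permit/deny selection and per-session tunnel keying described above; the sample ACL, the traffic, first-match rule ordering, and the treatment of packets that match no rule as unprotected are all assumptions of the model.

```python
from ipaddress import ip_address, ip_network

# Constructed sample ACL (documentation address ranges). Rules are evaluated
# first-match in list order, which is an assumption of this model.
ACL = [
    ("deny",   ip_network("192.0.2.0/24"), ip_network("198.51.100.53/32")),
    ("permit", ip_network("192.0.2.0/24"), ip_network("198.51.100.0/24")),
]

def match_rule(src, dst, acl=ACL):
    """Return (index, action) of the first rule matching src/dst, or None."""
    s, d = ip_address(src), ip_address(dst)
    for i, (action, src_net, dst_net) in enumerate(acl):
        if s in src_net and d in dst_net:
            return i, action
    return None

def classify(packets, acl=ACL):
    """Split packets into per-session tunnels and traffic sent without IPSec.

    Permitted packets are protected, one tunnel per distinct (source,
    destination) pair. Denied packets go out unprotected. Packets matching
    no rule are also treated as unprotected (assumption of this model).
    """
    tunnels, clear = {}, []
    for src, dst in packets:
        hit = match_rule(src, dst, acl)
        if hit and hit[1] == "permit":
            tunnels.setdefault((hit[0], src, dst), []).append((src, dst))
        else:
            clear.append((src, dst))
    return tunnels, clear

# Constructed sample traffic.
PACKETS = [
    ("192.0.2.10", "198.51.100.7"),
    ("192.0.2.10", "198.51.100.7"),   # same pair: reuses the first tunnel
    ("192.0.2.11", "198.51.100.7"),   # new source: second tunnel, same rule
    ("192.0.2.10", "198.51.100.53"),  # hits the deny rule: no IPSec
    ("203.0.113.5", "198.51.100.7"),  # matches no rule
]

if __name__ == "__main__":
    tunnels, clear = classify(PACKETS)
    for (rule, src, dst), pkts in tunnels.items():
        print(f"tunnel rule={rule} {src} -> {dst}: {len(pkts)} packet(s)")
    for src, dst in clear:
        print(f"no IPSec: {src} -> {dst}")
```

The list of unprotected flows is the part to review when auditing a policy: any deny rule placed ahead of a broader permit rule carves traffic out of IPSec protection.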
Related Commands
■ ipsec policy (Interface view)
■ ipsec policy (System view)
■ proposal
■ sa duration
■ tunnel local
■ tunnel remote