H3C LSW1FC4P0 Interface Card for S5820X-28C Ethernet Switches Command Line Interface Guide Firmware Version 9.0.7
Network and Fabric Configuration
Managing IP Security
59272-00 C 45
A security association defines the encryption algorithm and encryption key to
apply when called by a security policy. A security policy may call several
associations at different times, but each association is related to only one policy.
The security association database is the set of all security associations.
IP Security configurations can be complex: it is possible to unintentionally
configure policies and associations that isolate a switch from all communication. If
this happens, you can disable IP Security by placing the switch in maintenance
mode, and correct the problem through the serial port interface. Refer to the H3C
LSW1FC4P0 Inteface Card for S5820X-28C Ethernet Switches Installation
Manual for information about using maintenance mode and connecting through
the serial port.
Displaying IP Security Information
You can display the security policy and security association databases in the
following ways:
Active policies and associations; that is, policies and associations currently
in use
Configured policies and associations; that is, policies and associations that
have been saved in the database
Policies and associations that are being edited, but have not been saved
You can display the following types of IP Security configuration information:
Policy and Association Information
IP Security Configuration History
IP Security Configuration Limits