Product specifications

14 – Command Reference

Command Listing

14-54 59263-02 A

Protocol Protocol or application to which to apply IP security. Enter a key-

word for one of the following protocols or an integer (0-255):

 Internet Control Message Protocol for IP version 4 (ICMP)

 Internet Control Message Protocol for IP version 6 (ICMP6)

 Internet Protocol, version 4 (IPv4)

 Transmission Control Protocol (TCP)

 User Datagram Protocol (UDP)

 Any protocol

ICMP6 ICMP number (0–255). You are prompted for this parameter

only if you specify ICMP6 for the Protocol parameter.

Direction Direction of the data traffic to which to apply the policy:

 In–Data entering the destination

 Out–Data leaving the source

Priority A number from -2147483647 to +214783647 that determines

priority for this policy in the security policy database. The higher

the number, the higher the priority.

Action Processing to apply to data traffic:

 Discard–Unconditionally disallow all inbound or outbound

data traffic.

 None–Allow all inbound or outbound data traffic without

encryption or decryption.

 Ipsec–Apply IP security to inbound and outbound data traffic.

ProtectionDesired Type of IP security protection to apply:

 AH–Authentication Header

 ESP–Encapsulating Security Payload

 Both–Apply both AH and ESP protection

ahRuleLevel Rule level to apply for AH protection:

 Default–use the system wide default for the protocol

 Use–use a security association if one is available

 Require–a security association is required whenever a

packet is sent that is matched with the policy

Table 14-7. Policy Configuration Parameters

Parameter Description