Skip to content

ipsecalg profile

The following operations can be performed on "ipsecalg profile":

add | set | unset | show | rm

add ipsecalg profile

Add an ipsec alg profile.

Synopsys

add ipsecalg profile <name> [-ikeSessionTimeout <positive_integer>] [-espSessionTimeout <positive_integer>] [-espGateTimeout <positive_integer>] [-connfailover ( ENABLED | DISABLED )]

Arguments

name

The name of the ipsec alg profile

ikeSessionTimeout

IKE session timeout in minutes

Default value: 60

Minimum value: 1

Maximum value: 1440

espSessionTimeout

ESP session timeout in minutes.

Default value: 60

Minimum value: 1

Maximum value: 1440

espGateTimeout

Timeout ESP in seconds as no ESP packets are seen after IKE negotiation

Default value: 60

Minimum value: 30

Maximum value: 1200

connfailover

Mode in which the connection failover feature must operate for the IPSec Alg. After a failover, established UDP connections and ESP packet flows are kept active and resumed on the secondary appliance. Recomended setting is ENABLED.

Possible values: ENABLED, DISABLED

Default value: ENABLED

set ipsecalg profile

Set an ipsec alg profile parameter.

Synopsys

set ipsecalg profile <name> [-ikeSessionTimeout <positive_integer>] [-espSessionTimeout <positive_integer>] [-espGateTimeout <positive_integer>] [-connfailover ( ENABLED | DISABLED )]

Arguments

name

The name of the ipsec alg profile

ikeSessionTimeout

IKE session timeout in minutes

Default value: 60

Minimum value: 1

Maximum value: 1440

espSessionTimeout

ESP session timeout in minutes.

Default value: 60

Minimum value: 1

Maximum value: 1440

espGateTimeout

Timeout ESP in seconds as no ESP packets are seen after IKE negotiation

Default value: 60

Minimum value: 30

Maximum value: 1200

connfailover

Mode in which the connection failover feature must operate for the IPSec Alg. After a failover, established UDP connections and ESP packet flows are kept active and resumed on the secondary appliance. Recomended setting is ENABLED.

Possible values: ENABLED, DISABLED

Default value: ENABLED

unset ipsecalg profile

Use this command to remove ipsecalg profile settings.Refer to the set ipsecalg profile command for meanings of the arguments.

Synopsys

unset ipsecalg profile <name> [-ikeSessionTimeout] [-espSessionTimeout] [-espGateTimeout] [-connfailover]

show ipsecalg profile

Display all of the configured ipsec alg profiles

Synopsys

show ipsecalg profile [<name>]

Arguments

name

The name of the ipsec alg profile

Outputs

ikeSessionTimeout

IKE session timeout in minutes

espSessionTimeout

ESP session timeout in minutes.

espGateTimeout

Timeout ESP in seconds as no ESP packets are seen after IKE negotiation

connfailover

Mode in which the connection failover feature must operate for the IPSec Alg. After a failover, established UDP connections and ESP packet flows are kept active and resumed on the secondary appliance. Recomended setting is ENABLED.

devno

count

stateflag

Example

show ipsecalg profile

rm ipsecalg profile

Remove an ipsec alg profile

Synopsys

rm ipsecalg profile <name>

Arguments

name

The name of the ipsec alg profile.

Example

rm ipsecalg profile