< Home

(Optional) Enabling Dependency Between IPSec SA and IKE SA During IKEv1 Negotiation

Context

By default, no dependency exists between IPSec SA and IKE SA, that is, the two SAs can be deleted separately. If the IKE SA is deleted but the corresponding IPSec SA still exists, traffic forwarding will be effected. You can enable dependency between IPSec SA and IKE SA to ensure that an IPSec SA is deleted when its corresponding IKE SA is deleted.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ikev1 phase1-phase2 sa dependent

    Dependency between IPSec SA and IKE SA during IKEv1 negotiation is enabled.

    By default, no dependency exists between IPSec SA and IKE SA during IKEv1 negotiation.

Parent Topic: Configuring the Remote Device
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >