< Home

ipsec sa

Function

The ipsec sa command creates an SA and displays the SA view.

The undo ipsec sa command deletes an SA.

By default, no SA is created.

Format

ipsec sa sa-name

undo ipsec sa sa-name

Parameters

Parameter Description Value

sa-name

Specifies the name of an SA.

The value is a string of 1 to 15 case-insensitive characters without question marks (?) or spaces. When double quotation marks are used around the string, spaces are allowed in the string.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

IPSec uses an SA to ensure security during data transmission. When configuring IPSec, run the ipsec sa command to create an SA and configure SA parameters.

Follow-up Procedure

Run the proposal command to import a security proposal; run the sa spi command to configure the SPI; run the sa string-key or sa authentication-hex command to configure the authentication key.

Precautions

An SA is unidirectional. Incoming packets and outgoing packets are processed by different SAs.

An SA can be configured with only one security protocol.

Example

# Create an SA.

<HUAWEI> system-view
[HUAWEI] ipsec sa sa1
[HUAWEI-ipsec-sa-sa1]
Parent Topic: IPSec Configuration Commands (IPSec Encryption)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >