The ripng ipsec sa command enables Internet Protocol Security (IPSec) authentication on a RIPng interface.
The undo ripng ipsec sa command disables IPSec authentication on a RIPng interface.
By default, IPSec authentication is disabled on a RIPng interface.
Product |
Support |
|---|---|
S5720-EI, S5720-HI, S5720I-SI, S5720S-SI, S5720-SI, S5735-S, S5735S-S, S5735-S-I, S5730-HI, S5730S-EI, S5730-SI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720S-EI, S6720S-SI, S6720-SI, S6730-H, S6730S-H, S6730-S, and S6730S-S |
Supported |
S2720-EI, S5720-LI, S5735-L, S5735S-L, S5735S-L-M, S5720S-LI, S6720-LI, and S6720S-LI |
Not supported |
| Parameter | Description | Value |
|---|---|---|
| sa-name | Specifies the name of an Security Association (SA). | The value is an existing SA name. |
Usage Scenario
The ripng ipsec sa command enables IPSec on a RIPng interface. IPSec authenticates received and sent RIPng packets by using the specified SA (including the security algorithm and key). This improves the security of the RIPng network.
The command can take effect only after IPv6 is enabled for the interface by the ipv6 enable command.
If the ripng ipsec sa command is run on an interface, all RIPng packets received and sent by the interface will be authenticated by using the SA specified in the command.
Prerequisites
An IPSec SA has been configured.
Precaution
The ripng ipsec sa command takes precedence over the ipsec sa command. If both commands are run in respective views and different SA names are specified, only the configuration of the ripng ipsec sa command takes effect.