accept-mismatch enable (tcp-ao policy view)

Function

The accept-mismatch enable command enables the local end to receive packets without the AO option from the peer end.

The undo accept-mismatch enable command restores the default configuration.

By default, the local end does not receive the packets that do not carry the AO option when the peer initiates a TCP connection.

Format

accept-mismatch enable

undo accept-mismatch enable

Parameters

None

Views

tcp-ao policy view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
ip-stack write

Usage Guidelines

Usage Scenario

To ensure the security of a TCP connection, the local end does not receive the packets that do not carry the AO option when the peer end initiates a TCP connection by default.

If the peer end does not support the AO option in TCP packets, run the accept-mismatch enable command to enable the local end to receive packets without the AO option for a TCP connection initiated by the peer end to ensure that the TCP connection can be established.

Example

# Enable the local end to receive packets without the AO option from the peer end.
<HUAWEI> system-view
[~HUAWEI] tcp ao exampleAO
[~HUAWEI-tcp-ao-exampleAO] accept-mismatch enable
Parent Topic: TCP-AO Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >