Configuring the IPsec Reverse Check Function

Configuring the IPsec reverse check function ensures that a data flow is correctly encrypted.

Context

After receiving packets in ciphertext through interfaces, the NetEngine 8000 F uses the IPsec reverse check function to check each decrypted packet in simple text and discards a packet if the packet has been incorrectly encrypted, which ensures that a data flow is correctly encrypted.

If an IPsec policy template is used, the IPsec reverse check function only checks the data flow that matches an ACL rule that has the smallest number and is used in the IPsec policy template.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ipsec succeed-check enable

    The IPsec reverse check function is enabled.

  3. Run commit

    The configuration is committed.

Parent Topic: Configuring IPsec Security
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >