ipsec apply
Use ipsec apply to apply an IPsec policy to an interface.
Use undo ipsec apply to remove an IPsec policy application from an interface.
Syntax
ipsec apply { ipv6-policy | policy } policy-name
undo ipsec apply { ipv6-policy | policy }
Default
No IPsec policy is applied to an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
ipv6-policy: Specifies an IPv6 IPsec policy.
policy: Specifies an IPv4 IPsec policy.
policy-name: Specifies an IPsec policy name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
On an interface, you can apply a maximum of two IPsec policies: one IPv4 IPsec policy and one IPv6 IPsec policy.
An IKE-based IPsec policy can be applied to multiple interfaces. As a best practice, apply an IKE-based IPsec policy to only one interface. A manual IPsec policy can be applied to only one interface.
Examples
# Apply IPsec policy policy1 to VLAN-interface 100.
<Sysname> system-view [Sysname] interface vlan-interface 100 [Sysname–Vlan-interface100] ipsec apply policy policy1
Related commands
display ipsec { ipv6-policy | policy }
ipsec { ipv6-policy | policy }