Link the IPsec Security Association to an IPsec Policy
Use the following procedure to link the security association to an IPsec policy.
Before you begin
-
The IPsec security association and IPsec policy must exist.
About this task
You cannot delete or modify a security association if the security association links to a policy. To modify a parameter in the security association, or to delete the security association, you must first unlink the security association from the policy. You can only unlink a security association from a policy if the policy does not link to an interface. If a policy links to an interface, you must first unlink the policy from the interface, and then unlink the policy from the security association.
Procedure
Example
Link the IPsec security association named new_sa to the IPsec policy named newpolicy:
Switch:1>enable Switch:1#configure terminal Switch:1(config)#ipsec policy newpolicy security-association newsa
Variable Definitions
The following table defines parameters for the ipsec policy command.
Variable |
Value |
---|---|
WORD<1–32> |
Specifies the policy ID. |
security-association WORD<1–32> |
Specifies the security association ID. |