Creating an IPsec security association

Use the following procedure to create an IPsec security association. A security association (SA) is a group of algorithms and parameters used to encrypt and authenticate the flow of IP traffic in a particular direction. An SA contains the information IPsec needs to process an IP packet.

About this task

You cannot delete or modify a security association if the security association links to a policy. To modify a parameter in the security association or to delete the security association, you must first unlink the security association from a policy.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Create an IPsec security association:

    ipsec security-association WORD<1–32>

  3. Optional: Delete an IPsec security association:

    no ipsec security-association WORD<1–32>

Example

Create an IPsec security association named newsa:

Switch:1>enable
Switch:1#configure terminal
Switch:1(config)#ipsec security-association newsa

Variable Definitions

The following table defines parameters for the ipsec security-association command.

Variable

Value

WORD<1–32>

Specifies the security association identifier.
9037588-00 Rev AA