Creating an IPsec policy

Use the following procedure to configure an IPsec policy. An IPsec policy defines the level of security for different types of traffic.

Note

Note

  • You can only configure the IPsec policies for IPv4 addresses for UDP, TCP, and ICMPv4 protocols. You can continue to configure IPsec policies for IPv6 addresses for ICMPv6, OSPFv3, TCP, and UDP.

  • If you downgrade your software, the current IPsec configurations are no longer supported. You must boot with the factory default settings for IPsec, and then reconfigure the IPsec features.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Create an IPsec policy:

    ipsec policy WORD<1–32>

  3. Optional: Delete an IPsec policy:

    no ipsec policy WORD<1–32>

Example

Create an IPsec policy named newpolicy:

Switch:1>enable
Switch:1#configure terminal
Switch:1(config)#ipsec policy newpolicy

Variable Definitions

The following table defines parameters for the ipsec policy command.

Variable

Value

WORD<1–32>

Specifies the IPsec policy name.