Filter
Top Products
2130 CHAPTER 140: IPSEC CONFIGURATION COMMANDS
Dest Addr : 44.44.44.0/255.255.255.0 Port: 0 Protocol : IP
Current Encrypt-card: None
encapsulation-mode
Syntax encapsulation-mode { transport | tunnel }
undo encapsulation-mode
View IPSec proposal view
Parameter transport: Uses transport mode.
tunnel: Uses tunnel mode.
Description Use the
encapsulation-mode command to set the encapsulation mode (either
transport or tunnel) that the security protocol uses to encapsulate IP packets.
Use the
undo encapsulation-mode command to restore the default.
By default, a security protocol encapsulates IP packets in tunnel mode.
Related command: ipsec proposal.
Example # Configure IPSec proposal prop2 to encapsulate IP packets in transport mode.
<Sysname> system-view
[Sysname] ipsec proposal prop2
[Sysname-ipsec-proposal-prop2] encapsulation-mode transport
encrypt-card fast-switch
Syntax encrypt-card fast-swtich
undo encrypt-card fast-switch
View System view
Table 568 Description on the fields of the display ipsec tunnel command
Field Description
Connection ID Connection ID, used to uniquely identify an IPSec Tunnel
Perfect forward secrecy Perfect forward secrecy, indicating which DH group is to be
used for fast negotiation mode in IKE phase 2
SA’s SPI SPIs of the inbound and outbound SAs
Tunnel Local and remote addresses of the tunnel
Flow Data flow protected by the IPSec tunnel, including source IP
address, destination IP address, source port, destination port
and protocol
Current Encrypt-card Encryption card interface used by the current tunnel