Filter
Top Products
Appendix A: IPSec Configuration File
132
NI Series WebConsole & Programming Guide
mkmAddTransport
mkmAddTransport
NAME mkmAddTransport – add a transport mode Security Association
SYNOPSIS mkmAddTransport=cptr_mkm_sa
DESCRIPTION This rule adds a transport mode Security Association (SA). After adding an SA and setting the
associated transform ID and keys, mkmCommit must be called to commit the SA to the Secu-
rity Association Database (SADB).
Rule Value:
cptr_mkm_sa
A string formatted as follows:
saNumber,protocolSelector[/destinationPort/sourcePort],
destinationAddressSelector,sourceAddressSelector,
directionality,networkInterfaceAddress
where
- saNumber is a decValue, a unique number to be assigned to the SA.
- protocolSelector is the IANA IP protocol number, decValue | ANY. Use 6 for TCP or 17 for
UDP.
- destinationPort and sourcePort are:
decValue | ANY.
- destinationAddressSelector and sourceAddressSelector are:
ipAddress1[-ipAddress2 | /ipMaskPrefix].
- directionality is IN | OUT. If IN then this policy applies to traffic coming into the current host.
If OUT it applies to traffic going out of the current host. A mirrored policy will automatically be
created for the opposite traffic flow.
- networkInterfaceAddress is the IP address of the network interface to which the inbound SA
is bound.
EXAMPLES IPv4:
mkmAddTransport=5,6/2001/ANY,100.100.100.4,100.100.99.1,
OUT,100.100.99.1
IPv6:
mkmAddTransport=5,6/2001/ANY,3ffe:2::2,3ffe:1::2,OUT,3ffe:1::2
Config String
Format
saNumber.protocolSelector[/destinationPort/sourcePort],
destinationAddressSelector,sourceAddressSelector,directionality,
networkInterfaceAddress