Cannot configure secure mac addresses, Configuring snmp notifications for ipsec – H3C Technologies H3C S12500-X Series Switches User Manual

Page 155

Advertising
background image

143

You can configure the DF bit in system view and interface view. The interface-view DF bit setting takes

precedence over the system-view DF bit setting. If the interface-view DF bit setting is not configured, the
interface uses the system-view DF bit setting.
Follow these guidelines when you configure the DF bit:

The DF bit setting takes effect only in tunnel mode, and it changes the DF bit in the new IP header
rather than the original IP header.

Configure the same DF bit setting on the interfaces where the same IPsec policy bound to a source
interface has been applied.

To configure the DF bit of IPsec packets on an interface:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter interface view.

interface interface-type
interface-number

N/A

3.

Configure the DF bit of
IPsec packets on the

interface.

ipsec df-bit { clear | copy | set }

By default, the interface uses the
global DF bit setting.

To configure the DF bit of IPsec packets globally:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Configure the DF bit of
IPsec packets globally.

ipsec global-df-bit { clear | copy | set }

By default, IPsec copies the DF bit
in the original IP header to the

new IP header.

96B

Configuring SNMP notifications for IPsec

After you enable SNMP notifications for IPsec, the IPsec module notifies the NMS of important module

events. The notifications are sent to the device's SNMP module. You can configure the notification

transmission parameters for the SNMP module to specify how the SNMP module displays notifications.

For more information about SNMP notifications, see Network Management and Monitoring
Configuration Guide.
To generate and output SNMP notifications for IPsec for a specific failure type or event type, enable

SNMP notifications for IPsec globally and for the specified failure type or event type.
To configure SNMP notifications for IPsec:

Step Command

Remarks

1.

Enter system view

system-view

N/A

2.

Enable SNMP notifications

for IPsec globally.

snmp-agent trap enable ipsec global

By default, SNMP notifications for
IPsec are enabled.

Advertising
This manual is related to the following products:

H3C S5560 Series Switches, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C S9800 Series Switches, H3C S5130 Series Switches, H3C S5120 Series Switches

Popular Brands
Popular manuals