Dell POWEREDGE M1000E User Manual

Page 515

Advertising
background image

Fabric OS Command Reference

487

53-1002746-01

ipSecConfig

2

--delete

Deletes a specified policy or all policies of a certain typefrom the configuration
database. You can delete IPSec policies, IKE policies, and SADB entries. When
deleting IPSec policies, you have the option to delete specific components only,
such as the transform or the selector, and recreate these components without
having to recreate the entire policy. The syntax for deleting a policy is as follows:

ipsecconfig --delete type [subtype] arguments

type

Specifies the policy to be deleted. Valid policy types include the following:

policy ips

Deletes a specified IPSec policy or all IPSec policies.

subtype

Optionally specify a component (subtype) to delete the component only:

selector

Deletes the selector for a specified IPSec policy, or all selectors of all
configured IPSec policies.

transform

Deletes the transform for a specified IPSec policy, or all transforms of all
configured IPSec policies.

sa-proposal

Deletes the SA proposal for a specified IPSec policy, or all SA proposals of all
configured IPSec policies.

sa

Deletes the SAs for a specified IPSec policy, or all SAs of all configured
IPSec policies.

policy ike

Deletes a specified IKE policy or all configured IKE policies.

sa

Deletes a specified SADB entry or all manual SADB entries.

manual-sa

Deletes the SA policy entries used in manually keyed SA entries from the
configuration database.

arguments

Specifies the selection as one of the following:

-a

Deletes all configuration information for the specified type and subtype.

-tag name

Deletes all configuration information for the specified policy type

--flush manual-sa

Flushes all SA entries (including manually keyed and automatically keyed SAs)
from the kernel SADB. All active TCP sessions that are using IPSec protection are
terminated when this command is executed. This command, unlike delete, does
not remove the policies from the configuration database. Flushing any other policy
parameters is not supported.

--show

Displays current IPSec or IKE configuration. The syntax for the display option is
as follows:

--show type [subtype] arguments

Advertising
Popular Brands
Popular manuals