< Home

respond-only enable

Function

The respond-only enable command configures the local end as the IPSec responder that does not initiate IPSec negotiation.

The undo respond-only enable command cancels the configuration.

By default, if the local end establishes an IPSec tunnel using the ISAKMP IPSec policy, the local end initiates IPSec negotiation.

Format

respond-only enable

undo respond-only enable

Parameters

None

Views

ISAKMP IPSec policy view

Default Level

2: Configuration level

Usage Guidelines

If the IPSec peers establish IPSec tunnels using the ISAKMP IPSec policy, both ends initiate negotiation. You can configure one end as the responder that does not initiate negotiation, which can help you check the packet processing, and therefore diagnose and locate IPSec faults.

Example

# Configure the peer in ISAKMP IPSec policy policy1 with sequence number 100 as the responder for IPSec negotiation.

<sysname> system-view
[sysname] ipsec policy policy1 100 isakmp
[sysname-ipsec-policy-isakmp-policy1-100] respond-only enable
Parent Topic: IPSec Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >