IPsec is a framework that ensures private, secure communications over IP networks through the use of cryptographic security services. IPsec policies are used to configure IPsec security services. The policies provide varying levels of protection for most traffic types in your network. You can configure IPsec policies to meet the security requirements of a computer, organizational unit (OU), domain, site, or global enterprise.
Configure IPsec Policies
Because any changes that you make to an IPsec policy during a system
upgrade will be lost, do not modify or create IPsec policies during an upgrade.
IPsec requires bidirectional provisioning, or one peer for each host (or gateway).
When you provision the IPSec policy on two Cisco Unified Communications Manager nodes with one IPsec policy protocol set to "ANY" and the other IPsec policy protocol set to "UDP" or "TCP", the validation can result in a false negative if run from the
node that uses the "ANY" protocol.
IPsec, especially with encryption, affects the performance of
From Cisco Unified OS Administration, choose Security > IPSec
Click Add New.
Configure the fields on the IPSEC Policy
Configuration window. See the online help for more information about the fields and their configuration options.
To validate IPsec, choose Services > Ping, check the Validate IPsec check box, and then click Ping.
Manage IPsec Policies
changes that you make to an IPsec policy during a system upgrade are lost, do
not modify or create IPsec policies during an upgrade.
Any changes that
you make to the existing IPsec certificate because of hostname, domain, or IP address
changes require you to delete the IPsec policies and recreate
them, if certificate names are changed. If certificate names are
unchanged, then after importing the remote node's regenerated certificate, the
IPsec policies must be disabled and enabled.
From Cisco Unified OS Administration, choose Security > IPSEC
enable, or disable a policy, follow these steps:
To enable or
disable the policy, check or uncheck the
Enable Policy check box.
To delete one or
more policies, follow these steps:
check box next to each policy that you want to delete.
Select All to select all policies or
Clear All to clear all the check boxes.