Got it
Huawei Enterprise Support Community

IPSec on the USG6000 series

110

Designed by Internet Engineering Task Force (IETF), IPSec is an open network-layer framework protocol. It is not a single protocol, but a collection of protocols and services that provide security for IP networks.

Other related questions:
Rate limiting for IPSec VPN tunnels of the USG6000 series
On the USG6000 series, rate limiting can be implemented for IPSec VPN tunnels by using two methods. Method 1: If multiple tunnels are established on the USG, traffic conflicts occur in the case of heavy data traffic. In this case, run speed-limit to limit the traffic in each IPSec tunnel. Excess packets are discarded. This ensures that all packets in each tunnel are transmitted properly. If the traffic coming through a tunnel to a local port is heavy, run inbound to limit the traffic coming from this IPSec tunnel to the local port. If the traffic forwarded by the local port is heavy, run outbound to limit the traffic forwarded by the local port to the IPSec tunnel. After a security policy is applied on an interface, you cannot run speed-limit to modify the limited rate in the security policy. If an IPSec security policy is configured in any of the following modes, you can run speed-limit { inbound | outbound } speed-limit to limit the traffic rate of the IPSec tunnel. �?Manual mode �?Template mode �?Internet Key Exchange (IKE) non-policy template mode Method 2: After traffic policies are configured, if the actual address before VPN encapsulation or after decapsulation is matched, the traffic rate of the IPSec VPN can be limited. Assume that the actual address before VPN encapsulation is 10.1.1.1. The configuration method is as follows: [sysname] traffic-policy [sysname-policy-traffic] rule name 1 [sysname-policy-traffic-rule-1] source-address 10.1.1.1 32
IPSec content on the USG6000 series
IPSec includes security protocols such as Authentication Header (AH) and Encapsulating Security Payload (ESP), Internet Key Exchange (IKE), and certain algorithms used for authentication and encryption.
IPSec security services on the USG6000 series
Security services provided by IPSec include user data encryption, data integrity authentication, data origin authentication, and anti-replay.
What is the IPSec in the USG6000 series equipment
IPSec is an open network layer security framework protocol developed by the Internet Engineering Task Force (IETF). It is not a separate protocol,But a collection of protocols and services that provide security for IP networks.
If you have more questions, you can seek help from following ways:
To WeiKnow To Live Chat

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.