chipsec
The chipsec command modifies an existing Internet Protocol Security (IPSec) connection.
Parameters
- -enable | -disable
- (Optional) Specifies whether you want to enable or disable the
IPSec connection. When you specify the -enable parameter,
an attempt is made to establish the IPSec connection. When you specify
the -disable parameter, the IPSec connection
ends.Notes:
- The -enable and -disable parameters cannot be used together.
- The value of auto in the connection configuration file also influences whether the connection is enabled or disabled. For example, if the connection configuration file is defined with auto=start, the IPSec server attempts to establish the connection when the connection is created, or whenever the IPSec server is restarted or updated.
- In an active connection, both peers must be sending and receiving data. An enabled connection might not be active if it is waiting for the peer to activate the other end of the connection.
- -hmc 1 | 2 | all
- (Optional) Specifies the HMC that you want to import the IPSec
connection configuration settings:
- -hmc 1 specifies the primary HMC
- -hmc 2 specifies the secondary HMC
- all is the default value and it specifies the primary HMC on a single HMC system, and specifies both the primary and secondary HMCs on a dual HMC system.
- -quiet
- (Optional) Turns off the confirmation prompt for this command.
- conn_ID ... | -
- (Required) Specifies the IPSec connection IDs that you want the connection configuration settings to apply to. The ellipsis (...) indicates that, optionally, you can specify multiple values. If you use the dash (-), the specified value is read from standard input. You cannot use the dash (-) while you are in the DS CLI interactive command mode.
Example
Invoking
the chipsec command:
dscli> chipsec –enable connection1
The resulting output:
IPSec connection connection1 on hmc 1 successfully enabled.