chipsec

The chipsec command modifies an existing Internet Protocol Security (IPSec) connection.

Read syntax diagramSkip visual syntax diagram  chipsec  -enable -disable -hmc  1  2  all  -quiet  conn_ID   ...    "-" 

Parameters

-enable | -disable
(Optional) Specifies whether you want to enable or disable the IPSec connection. When you specify the -enable parameter, an attempt is made to establish the IPSec connection. When you specify the -disable parameter, the IPSec connection ends.
Notes:
  1. The -enable and -disable parameters cannot be used together.
  2. The value of auto in the connection configuration file also influences whether the connection is enabled or disabled. For example, if the connection configuration file is defined with auto=start, the IPSec server attempts to establish the connection when the connection is created, or whenever the IPSec server is restarted or updated.
  3. In an active connection, both peers must be sending and receiving data. An enabled connection might not be active if it is waiting for the peer to activate the other end of the connection.
-hmc 1 | 2 | all
(Optional) Specifies the HMC that you want to import the IPSec connection configuration settings:
  • -hmc 1 specifies the primary HMC
  • -hmc 2 specifies the secondary HMC
  • all is the default value and it specifies the primary HMC on a single HMC system, and specifies both the primary and secondary HMCs on a dual HMC system.
-quiet
(Optional) Turns off the confirmation prompt for this command.
conn_ID ... | -
(Required) Specifies the IPSec connection IDs that you want the connection configuration settings to apply to. The ellipsis (...) indicates that, optionally, you can specify multiple values. If you use the dash (-), the specified value is read from standard input. You cannot use the dash (-) while you are in the DS CLI interactive command mode.

Example

Invoking the chipsec command:
dscli> chipsec –enable connection1  
The resulting output:
IPSec connection connection1 on hmc 1 successfully enabled.