For an active TCP/IP stack with IPSECURITY defined, the following
conditions apply:
- Changing the file name that is identified by an existing IpSecConfig or
DynamicConfigPolicyLoad statement causes Policy Agent to update
and install the IP security policy as defined in the new file. If
the new IP security policy file contains errors, the policy is not
updated and the existing IP security policy remains in effect.
- For local IP security policies, removing an existing
IpSecConfig statement from a Policy Agent image configuration file
activates the default IP filter policy.
- For remote IP security policies, removing the PolicyServer statement
(or the PolicyType IPSec parameter on that statement) from a Policy
Agent image configuration file activates the default IP filter policy,
assuming that no local IP security policy is defined using the IpSecConfig
statement.