directly connected neighbors or a RIPng process. For IPv6 BGP, the scope can be directly connected
neighbors or a neighbor group.
• All SAs (both inbound and outbound) within the routed network scope must use the same SPI and
keys.
• Configure the keys on all routers within the routed network scope in the same format. For example,
if you input the keys in hexadecimal format on one router, do so across the routed network scope.
2. Configuration procedure
Follow these steps to configure a manual IPsec policy:
| To do… | Use the command… | Remarks |
|---|---|---|
| Enter system view | system-view | — |
| Create a manual IPsec policy and enter its view | ipsec policy policy-name seq-number manual | Required. By default, no IPsec policy exists. |
| Assign an IPsec proposal to the IPsec policy | proposal proposal-name | Required. By default, an IPsec policy references no IPsec proposal. |
| Configure the two ends of the IPsec tunnel: configure the local address of the tunnel | tunnel local ip-address | Not needed for IPsec policies to be applied to IPv6 routing protocols and required for other applications. Not configured by default. |
| Configure the two ends of the IPsec tunnel: configure the remote address of the tunnel | tunnel remote ip-address | Required. Not configured by default. |
| Configure the SPIs for the SAs | sa spi { inbound \| outbound } { ah \| esp } spi-number | Required. |
| Configure keys for the SAs: configure an authentication key in hexadecimal for AH | sa authentication-hex { inbound \| outbound } ah hex-key | Required. Use either command. |
| Configure keys for the SAs: configure an authentication key in characters for AH | sa string-key { inbound \| outbound } ah string-key | Required. Use either command. |
| Configure keys for the SAs: configure a key in characters for ESP | sa string-key { inbound \| outbound } esp string-key | Required. Configure at least one command. If you configure a key in characters for ESP, the router automatically generates an authentication key and an encryption key for ESP. |
| Configure keys for the SAs: configure an authentication key in hexadecimal for ESP | sa authentication-hex { inbound \| outbound } esp hex-key | Required. Configure at least one command. |
| Configure keys for the SAs: configure an encryption key in hexadecimal for ESP | sa encryption-hex { inbound \| outbound } esp hex-key | Required. Configure at least one command. |
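
The scope rules stated before the procedure (identical SPI and keys for inbound and outbound SAs, and one key format on every router in the routed network scope) can be checked mechanically before a policy is rolled out. The following Python script is an added example, not part of the original manual; the policy name, proposal name, SPI and key values are constructed placeholders, and it assumes each router's policy view is available as plain text.

```python
import re
from collections import defaultdict

# Matches the SA commands from the table above (direction, protocol, value).
SA_RE = re.compile(
    r"^\s*sa\s+(spi|authentication-hex|encryption-hex|string-key)\s+"
    r"(inbound|outbound)\s+(ah|esp)\s+(\S+)\s*$")

def parse_policy(text):
    """Return {(command, protocol): {direction: value}} for one router."""
    sas = defaultdict(dict)
    for line in text.splitlines():
        m = SA_RE.match(line)
        if m:
            kind, direction, proto, value = m.groups()
            sas[(kind, proto)][direction] = value
    return sas

def check_scope(configs):
    """configs: {router name: policy text}. Returns a list of findings."""
    findings = []
    parsed = {name: parse_policy(text) for name, text in configs.items()}
    # Rule 1: inbound and outbound SAs on a router carry the same SPI and keys.
    for name, sas in parsed.items():
        for (kind, proto), dirs in sas.items():
            if dirs.get("inbound") != dirs.get("outbound"):
                findings.append(f"{name}: {kind} {proto} not identical inbound/outbound")
    # Rule 2: every router matches the first in SPI, key values and key format.
    ref_name, ref = next(iter(parsed.items()))
    for name, sas in parsed.items():
        if set(sas) != set(ref):
            findings.append(f"{name}: SA commands or key format differ from {ref_name}")
        elif any(sas[k] != ref[k] for k in sas):
            findings.append(f"{name}: SPI or key value differs from {ref_name}")
    return findings

# Constructed sample policies; names, SPI and key values are placeholders.
R1 = """ipsec policy ripng-pol 10 manual
 proposal tran1
 sa spi inbound esp 12345
 sa spi outbound esp 12345
 sa string-key inbound esp PLACEHOLDER-KEY
 sa string-key outbound esp PLACEHOLDER-KEY
"""
R2 = R1.replace("outbound esp 12345", "outbound esp 54321")  # SPI mismatch
R3 = R1.replace("string-key", "authentication-hex").replace("PLACEHOLDER-KEY", "00112233")  # hex

if __name__ == "__main__":
    print("\n".join(check_scope({"R1": R1, "R2": R2, "R3": R3})))
```

The first router in the dictionary is used as the reference, so a finding against another router means the two disagree, not that the reference is necessarily the correct one.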