HP 5920 Series - Page 274

424 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

263

[SwitchA-ike-keychain-keychain1] quit

# Create IKE profile profile1.

[SwitchA] ike profile profile1

# Specify IKE keychain keychain1.

[SwitchA-ike-profile-profile1] keychain keychain1

# Configure a peer ID with the identity type of IP address and the value of 2.2.2.2.

[SwitchA-ike-profile-profile1] match remote identity address 2.2.2.2 255.255.255.0

[SwitchA-ike-profile-profile1] quit

# Create an IPsec policy entry, and specify the IPsec policy name as map1, the sequence number

as 10, and the IPsec SA setup mode as IKE.

[SwitchA] ipsec policy map1 10 isakmp

# Specify the remote IP address 2.2.2.2 for the IPsec tunnel.

[SwitchA-ipsec-policy-isakmp-map1-10] remote-address 2.2.2.2

# Reference ACL 3101 to identify the traffic to be protected.

[SwitchA-ipsec-policy-isakmp-map1-10] security acl 3101

# Reference IPsec transform set tran1 for the IPsec policy.

[SwitchA-ipsec-policy-isakmp-map1-10] transform-set tran1

# Specify IKE profile profile1 for the IPsec policy.

[SwitchA-ipsec-policy-isakmp-map1-10] ike-profile profile1

[SwitchA-ipsec-policy-isakmp-map1-10] quit

# Apply IPsec policy map1 to VLAN-interface 1.

[SwitchA] interface vlan-interface 1

[SwitchA-Vlan-interface1] ipsec apply policy map1

2. Configure Device B:

# Assign an IP address to VLAN-interface 1.

<SwitchB> system-view

[SwitchB] interface Vlan-interface1

[SwitchB-Vlan-interface1] ip address 2.2.2.2 255.255.255.0

[SwitchB-Vlan-interface1] quit

# Configure ACL 3101 to identify traffic from Switch B to Switch A.

[SwitchB] acl number 3101

[SwitchB-acl-adv-3101] rule 0 permit ip source 2.2.2.2 0 destination 1.1.1.0 0

[SwitchB-acl-adv-3101] quit

# Create IPsec transform set tran1.

[SwitchB] ipsec transform-set tran1

# Set the packet encapsulation mode to tunnel.

[SwitchB-ipsec-transform-set-tran1] encapsulation-mode tunnel

# Use the ESP protocol for the IPsec transform set.

[SwitchB-ipsec-transform-set-tran1] protocol esp

# Specify the encryption and authentication algorithms.

[SwitchB-ipsec-transform-set-tran1] esp encryption-algorithm aes-cbc-192

[SwitchB-ipsec-transform-set-tran1] esp authentication-algorithm sha1

[SwitchB-ipsec-transform-set-tran1] quit

# Create IKE keychain keychain1.

[SwitchB]ike keychain keychain1

Table of Contents

Other manuals for HP 5920 Series

Command Reference607 pages

Fundamentals Configuration Guide215 pages

Installation Guide63 pages

Fc And Fcoe Configuration Guide257 pages

Troubleshooting Guide52 pages

Compliance And Safety Manual58 pages

Related product manuals

Preview: HP 5920

Preview: HP HPE FlexFabric 5930

HP HPE FlexFabric 5930

Preview: HP HPE FlexFabric 5901 Series

HP HPE FlexFabric 5901 Series

Preview: HP 5300

Preview: HP 5120 series

Preview: HP 5400zl Series

HP 5400zl Series

Preview: HP 5130 EI series

HP 5130 EI series

Preview: HP 5500 EI series

HP 5500 EI series

Preview: HP 5120 SI Series

HP 5120 SI Series

Preview: HP FlexFabric 5700

HP FlexFabric 5700

HP ProCurve 5412ZL