EasyManuals Logo

HP VSR1000 Configuration Guide

HP VSR1000
453 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #320 background imageLoading...
Page #320 background image
307
[SwitchB-ipsec-policy-manual-policy002-10] proposal tran2
[SwitchB-ipsec-policy-manual-policy002-10] sa spi outbound esp 54321
[SwitchB-ipsec-policy-manual-policy002-10] sa spi inbound esp 54321
[SwitchB-ipsec-policy-manual-policy002-10] sa string-key outbound esp gfedcba
[SwitchB-ipsec-policy-manual-policy002-10] sa string-key inbound esp gfedcba
[SwitchB-ipsec-policy-manual-policy002-10] quit
# On Switch C, create an IPsec proposal named tran2, and set the encapsulation mode to
transport mode, the security protocol to ESP, the encryption algorithm to DES, and authentication
algorithm to SHA1; create an IPsec policy named policy002, specify the manual mode for it,
reference IPsec proposal tran2, set the SPIs of the inbound and outbound SAs to 54321, and the
keys for the inbound and outbound SAs using ESP to gfedcba.
[SwitchC] ipsec proposal tran2
[SwitchC-ipsec-proposal-tran2] encapsulation-mode transport
[SwitchC-ipsec-proposal-tran2] transform esp
[SwitchC-ipsec-proposal-tran2] esp encryption-algorithm des
[SwitchC-ipsec-proposal-tran2] esp authentication-algorithm sha1
[SwitchC-ipsec-proposal-tran2] quit
[SwitchC] ipsec policy policy002 10 manual
[SwitchC-ipsec-policy-manual-policy002-10] proposal tran2
[SwitchC-ipsec-policy-manual-policy002-10] sa spi outbound esp 54321
[SwitchC-ipsec-policy-manual-policy002-10] sa spi inbound esp 54321
[SwitchC-ipsec-policy-manual-policy002-10] sa string-key outbound esp gfedcba
[SwitchC-ipsec-policy-manual-policy002-10] sa string-key inbound esp gfedcba
[SwitchC-ipsec-policy-manual-policy002-10] quit
4. Apply the IPsec policies in areas:
# Configure Switch A.
[SwitchA] ospfv3 1
[SwitchA-ospfv3-1] area 1
[SwitchA-ospfv3-1-area-0.0.0.1] enable ipsec-policy policy001
[SwitchA-ospfv3-1-area-0.0.0.1] quit
[SwitchA-ospfv3-1] quit
# Configure Switch B.
[SwitchB] ospfv3 1
[SwitchB-ospfv3-1] area 0
[SwitchB-ospfv3-1-area-0.0.0.0] enable ipsec-policy policy002
[SwitchB-ospfv3-1-area-0.0.0.0] quit
[SwitchB-ospfv3-1] area 1
[SwitchB-ospfv3-1-area-0.0.0.1] enable ipsec-policy policy001
[SwitchB-ospfv3-1-area-0.0.0.1] quit
[SwitchB-ospfv3-1] quit
# Configure Switch C.
[SwitchC] ospfv3 1
[SwitchC-ospfv3-1] area 0
[SwitchC-ospfv3-1-area-0.0.0.0] enable ipsec-policy policy002
[SwitchC-ospfv3-1-area-0.0.0.0] quit
[SwitchC-ospfv3-1] quit
5. Verify the configuration:

Table of Contents

Other manuals for HP VSR1000

Preview: Manual
Manual73 pages
Preview: High Availability Configuration Guide
High Availability Configuration Guide91 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP VSR1000 and is the answer not in the manual?

HP VSR1000 Specifications

General IconGeneral
BrandHP
ModelVSR1000
CategoryNetwork Router
LanguageEnglish

Related product manuals