EasyManuals Logo

HPE FlexNetwork 5510 HI Series Security Configuration Guide

HPE FlexNetwork 5510 HI Series
551 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #292 background imageLoading...
Page #292 background image
279
Step
Command
Remarks
6. Configure keys for the
IPsec SA.
• Configure an authentication key
in hexadecimal format for AH:
sa hex-key authentication
{ inbound | outbound } ah
{ cipher | simple } key-value
• Configure an authentication key
in character format for AH:
sa string-key { inbound |
outbound } ah { cipher |
simple } key-value
• Configure a key
in character
format for ESP:
sa string-key { inbound |
outbound } esp [ cipher |
simple ] key-value
• Configure an authentication key
in hexadecimal format for ESP:
sa hex-key authentication
{ inbound | outbound } esp
{ cipher | simple } key-value
• Configure an encryption key in
hexadecimal format for ESP:
sa hex-key encryption
{ inbound | outbound } esp
{ cipher | simple } key-value
By default, no keys are configured
for the IPsec SA.
Configure a key for the security
protocol (AH, ESP, or both) you
have specified.
If you configure a key in character
format for ESP, the device
automatically generates an
authentication key and an
encryption key for ESP.
If you configure a key in both the
character and hexadecimal
formats, only the most recent
configuration takes effect.
Configuring SNMP notifications for IPsec
After you enable SNMP notifications for IPsec, the IPsec module notifies the NMS of important
module events. The notifications are sent to the device's SNMP module. You can configure the
notification transmission parameters for the SNMP module to specify how the SNMP module
displays notifications. For more information about SNMP notifications, see Network Management
and Monitoring Configuration Guide.
To generate and output SNMP notifications for a specific IPsec failure or event type, perform the
following tasks:
1. Enable SNMP notifications for IPsec globally.
2. Enable SNMP notifications for the failure or event type.
To configure SNMP notifications for IPsec:
Step
Command
1. Enter system view
system-view
N/A
2.
Enable SNMP
notifications for IPsec
globally.
snmp-agent
trap
enable
ipsec
global
By default, SNMP notifications for
IPsec are disabled.
3.
Enable SNMP
notifications
for the
specified failure or event
types.
snmp-agent
trap
enable
ipsec
[
auth-failure
|
decrypt-failure
|
encrypt-failure
|
invalid-sa-failure
|
no-sa-failure
|
policy-add
|
policy-attach
|
policy-delete
|
policy-detach
|
tunnel-start
|
tunnel-stop
] *
By default, SNMP notifications for
all failure and event types are
disabled.

Table of Contents

Other manuals for HPE FlexNetwork 5510 HI Series

Preview: Configuration Guide
Configuration Guide572 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide209 pages
Preview: Layer 3 - Ip Routing Configuration Guide
Layer 3 - Ip Routing Configuration Guide486 pages
Preview: Network Management And Monitoring Configuration Guide
Network Management And Monitoring Configuration Guide331 pages
Preview: Macsec Configuration Guide
Macsec Configuration Guide27 pages
Preview: Acl And Qos Configuration Guide
Acl And Qos Configuration Guide114 pages
Preview: Mpls Configuration Guide
Mpls Configuration Guide505 pages
Preview: Openflow Configuration Guide
Openflow Configuration Guide39 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork 5510 HI Series and is the answer not in the manual?

HPE FlexNetwork 5510 HI Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork 5510 HI Series
CategorySwitch
LanguageEnglish

Related product manuals