EasyManuals Logo

HPE FlexNetwork 5510 HI Series Security Configuration Guide

HPE FlexNetwork 5510 HI Series
551 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #299 background imageLoading...
Page #299 background image
286
Figure 88 Network diagram
Requirements analysis
To meet the network requirements, perform the following tasks:
1. Configure basic RIPng.
For more information about RIPng configurations, see Layer 3—IP Routing Configuration
Guide.
2. Configure an IPsec profile.
ï‚¡ The IPsec profiles on all the switches must have IPsec transform sets that use the same
security protocol, authentication and encryption algorithms, and encapsulation mode.
ï‚¡ The SPI and key configured for the inbound SA and those for the outbound SA must be the
same on each switch.
ï‚¡ The SPI and key configured for the SAs on all the switches must be the same.
3. Apply the IPsec profile to a RIPng process or to an interface.
Configuration procedure
1. Configure Switch A:
# Configure IPv6 addresses for interfaces. (Details not shown.)
# Configure basic RIPng.
<SwitchA> system-view
[SwitchA] ripng 1
[SwitchA-ripng-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ripng 1 enable
[SwitchA-Vlan-interface100] quit
# Create and configure the IPsec transform set named tran1.
[SwitchA] ipsec transform-set tran1
[SwitchA-ipsec-transform-set-tran1] encapsulation-mode transport
[SwitchA-ipsec-transform-set-tran1] protocol esp
[SwitchA-ipsec-transform-set-tran1] esp encryption-algorithm aes-cbc-128
[SwitchA-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[SwitchA-ipsec-transform-set-tran1] quit
# Create and configure the IPsec profile named profile001.
[SwitchA] ipsec profile profile001 manual
[SwitchA-ipsec-profile-profile1001] transform-set tran1
[SwitchA-ipsec-profile-profile1001] sa spi outbound esp 123456
[SwitchA-ipsec-profile-profile1001] sa spi inbound esp 123456
[SwitchA-ipsec-profile-profile1001] sa string-key outbound esp simple abcdefg
[SwitchA-ipsec-profile-profile1001] sa string-key inbound esp simple abcdefg
[SwitchA-ipsec-profile-profile1001] quit
# Apply the IPsec profile to RIPng process 1.
[SwitchA] ripng 1
[SwitchA-ripng-1] enable ipsec-profile profile001
[SwitchA-ripng-1] quit
Vlan
-
int100
1::1/64
Vlan-int200
3::1/64
Vlan-int100
1
::2
/64
Vlan-int200
3
::2
/
64
Switch A
Switch B
Switch C

Table of Contents

Other manuals for HPE FlexNetwork 5510 HI Series

Preview: Configuration Guide
Configuration Guide572 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide209 pages
Preview: Layer 3 - Ip Routing Configuration Guide
Layer 3 - Ip Routing Configuration Guide486 pages
Preview: Network Management And Monitoring Configuration Guide
Network Management And Monitoring Configuration Guide331 pages
Preview: Macsec Configuration Guide
Macsec Configuration Guide27 pages
Preview: Acl And Qos Configuration Guide
Acl And Qos Configuration Guide114 pages
Preview: Mpls Configuration Guide
Mpls Configuration Guide505 pages
Preview: Openflow Configuration Guide
Openflow Configuration Guide39 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork 5510 HI Series and is the answer not in the manual?

HPE FlexNetwork 5510 HI Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork 5510 HI Series
CategorySwitch
LanguageEnglish

Related product manuals