EasyManuals Logo

HPE FlexNetwork 5510 HI Series Security Configuration Guide

HPE FlexNetwork 5510 HI Series
551 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #333 background imageLoading...
Page #333 background image
320
[SwitchA-ipsec-policy-isakmp-map1-10] ikev2-profile profile1
[SwitchA-ipsec-policy-isakmp-map1-10] quit
# Apply IPsec policy map1 to VLAN-interface 1.
[SwitchA] interface vlan-interface 1
[SwitchA-Vlan-interface1] ipsec apply policy map1
[SwitchA-Vlan-interface1] quit
2. Configure Switch B:
# Assign an IP address to VLAN-interface 1.
<SwitchB> system-view
[SwitchB] interface Vlan-interface1
[SwitchB-Vlan-interface1] ip address 2.2.2.2 255.255.255.0
[SwitchB-Vlan-interface1] quit
# Configure IPv4 advanced ACL 3101 to identify traffic between Switch A and Switch B.
[SwitchB] acl advanced 3101
[SwitchB-acl-ipv4-adv-3101] rule 0 permit ip source 2.2.2.2 0 destination 1.1.1.0 0
[SwitchB-acl-ipv4-adv-3101] quit
# Create an IPsec transform set named tran1.
[SwitchB] ipsec transform-set tran1
# Set the packet encapsulation mode to tunnel.
[SwitchB-ipsec-transform-set-tran1] encapsulation-mode tunnel
# Use the ESP protocol for the IPsec transform set.
[SwitchB-ipsec-transform-set-tran1] protocol esp
# Specify the encryption and authentication algorithms.
[SwitchB-ipsec-transform-set-tran1] esp encryption-algorithm des-cbc
[SwitchB-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[SwitchB-ipsec-transform-set-tran1] quit
# Create an IKEv2 keychain named keychain1.
[SwitchB] ikev2 keychain keychain1
# Create an IKEv2 peer named peer1.
[SwitchB-ikev2-keychain-keychain1] peer peer1
# Specify peer IP address 1.1.1.1/24.
[SwitchB-ikev2-keychain-keychain1-peer-peer1] address 1.1.1.1 24
# Specify the peer ID, which is IP address 1.1.1.1.
[SwitchB-ikev2-keychain-keychain1-peer-peer1] identity address 1.1.1.1
# Specify abcde in plain text as the pre-shared key to be used with the peer at 1.1.1.1.
[SwitchB-ikev2-keychain-keychain1-peer-peer1] pre-shared-key plaintext abcde
[SwitchB-ikev2-keychain-keychain1-peer-peer1] quit
[SwitchB-ikev2-keychain-keychain1] quit
# Create an IKEv2 profile named profile1.
[SwitchB] ikev2 profile profile1
# Specify the local authentication method as pre-shared key.
[SwitchB-ikev2-profile-profile1] authentication-method local pre-share
# Specify the remote authentication method as pre-shared key.
[SwitchB-ikev2-profile-profile1] authentication-method remote pre-share
# Specify IKEv2 keychain keychain1.
[SwitchB-ikev2-profile-profile1] keychain keychain1
# Specify the peer ID that the IKEv2 profile matches. The peer ID is IP address 1.1.1.1/24.

Table of Contents

Other manuals for HPE FlexNetwork 5510 HI Series

Preview: Configuration Guide
Configuration Guide572 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide209 pages
Preview: Layer 3 - Ip Routing Configuration Guide
Layer 3 - Ip Routing Configuration Guide486 pages
Preview: Network Management And Monitoring Configuration Guide
Network Management And Monitoring Configuration Guide331 pages
Preview: Macsec Configuration Guide
Macsec Configuration Guide27 pages
Preview: Acl And Qos Configuration Guide
Acl And Qos Configuration Guide114 pages
Preview: Mpls Configuration Guide
Mpls Configuration Guide505 pages
Preview: Openflow Configuration Guide
Openflow Configuration Guide39 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork 5510 HI Series and is the answer not in the manual?

HPE FlexNetwork 5510 HI Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork 5510 HI Series
CategorySwitch
LanguageEnglish

Related product manuals