EasyManuals Logo

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #193 background imageLoading...
Page #193 background image
180
# Configure the remote IP address of the tunnel.
[RouterA-ipsec-policy-manual-map1-10] tunnel remote 2.2.3.1
# Configure the local IP address of the tunnel.
[RouterA-ipsec-policy-manual-map1-10] tunnel local 2.2.2.1
# Configure the SPIs.
[RouterA-ipsec-policy-manual-map1-10] sa spi outbound esp 12345
[RouterA-ipsec-policy-manual-map1-10] sa spi inbound esp 54321
# Configure the keys.
[RouterA-ipsec-policy-manual-map1-10] sa string-key outbound esp abcdefg
[RouterA-ipsec-policy-manual-map1-10] sa string-key inbound esp gfedcba
[RouterA-ipsec-policy-manual-map1-10] quit
# Configure the IP address of the serial interface.
[RouterA] interface serial 2/1
[RouterA-Serial2/1] ip address 2.2.2.1 255.255.255.0
# Apply the IPsec policy group to the interface.
[RouterA-Serial2/1] ipsec policy map1
2. Configure Router B:
# Define an ACL to identify data flows from subnet 10.1.2.0/24 to subnet 10.1.1.0/24.
<RouterB> system-view
[RouterB] acl number 3101
[RouterB-acl-adv-3101] rule permit ip source 10.1.2.0 0.0.0.255 destination 10.1.1.0
0.0.0.255
[RouterB-acl-adv-3101] quit
# Configure a static route to Host A.
[RouterB] ip route-static 10.1.1.0 255.255.255.0 serial 2/2
# Create an IPsec transform set named tran1.
[RouterB] ipsec transform-set tran1
# Specify the encapsulation mode as tunnel.
[RouterB-ipsec-transform-set-tran1] encapsulation-mode tunnel
# Specify the security protocol as ESP.
[RouterB-ipsec-transform-set-tran1] transform esp
# Specify the algorithms for the IPsec transform set.
[RouterB-ipsec-transform-set-tran1] esp encryption-algorithm des
[RouterB-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[RouterB-ipsec-transform-set-tran1] quit
# Create a manual IPsec policy.
[RouterB] ipsec policy use1 10 manual
# Apply the ACL.
[RouterB-ipsec-policy-manual-use1-10] security acl 3101
# Apply the IPsec transform set.
[RouterB-ipsec-policy-manual-use1-10] transform-set tran1
# Configure the remote IP address of the tunnel.
[RouterB-ipsec-policy-manual-use1-10] tunnel remote 2.2.2.1
# Configure the local IP address of the tunnel.
[RouterB-ipsec-policy-manual-use1-10] tunnel local 2.2.3.1
# Configure the SPIs.
[RouterB-ipsec-policy-manual-use1-10] sa spi outbound esp 54321

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals