EasyManuals Logo

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #200 background imageLoading...
Page #200 background image
187
[RouterA-Ethernet1/1] ipsec policy map1
[RouterA-Ethernet1/1] quit
# Apply the shared source interface policy group to interface Ethernet 1/2.
[RouterA] interface ethernet 1/2
[RouterA-Ethernet1/2] ip address 4.4.4.4 24
[RouterA-Ethernet1/2] ipsec policy map1
[RouterA-Ethernet1/2] quit
# Configure interface Ethernet 1/3.
[RouterA] interface ethernet 1/3
[RouterA-Ethernet1/3] ip address 10.1.1.1 24
[RouterA-Ethernet1/3] quit
# Configure a static route to Host B.
[RouterA] ip route-static 10.1.2.0 255.255.255.0 ethernet 1/1 2.2.2.3
[RouterA] ip route-static 10.1.2.0 255.255.255.0 ethernet 1/2 4.4.4.5
# Configure a static route to interface Loopback 0 on Host B.
[RouterA] ip route-static 3.3.3.0 255.255.255.0 ethernet 1/1 2.2.2.3
[RouterA] ip route-static 3.3.3.0 255.255.255.0 ethernet 1/2 4.4.4.5
2. Configure Router B:
# Define an ACL to identify traffic from subnet 10.1.2.0/24 to subnet 10.1.1.0/24.
<RouterB> system-view
[RouterB] acl number 3101
[RouterB-acl-adv-3101] rule permit ip source 10.1.2.0 0.0.0.255 destination 10.1.1.0
0.0.0.255
[RouterB-acl-adv-3101] quit
# Configure an IPsec transform set named tran1.
[RouterB] ipsec transform-set tran1
[RouterB-ipsec-transform-set-tran1] encapsulation-mode tunnel
[RouterB-ipsec-transform-set-tran1] transform esp
[RouterB-ipsec-transform-set-tran1] esp encryption-algorithm des
[RouterB-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[RouterB-ipsec-transform-set-tran1] quit
# Configure an IKE peer named peer.
[RouterB] ike peer peer
[RouterB-ike-peer-peer] pre-shared-key abcde
[RouterB-ike-peer-peer] remote-address 1.1.1.1
[RouterB-ike-peer-peer] quit
# Configure an IPsec policy named map1, specifying to use the IKE negotiation mode.
[RouterB] ipsec policy map1 10 isakmp
[RouterB-ipsec-policy-isakmp-map1-10] transform-set tran1
[RouterB-ipsec-policy-isakmp-map1-10] security acl 3101
[RouterB-ipsec-policy-isakmp-map1-10] ike-peer peer
[RouterB-ipsec-policy-isakmp-map1-10] quit
# Configure a loopback interface.
[RouterB] interface loopback 0
[RouterB-LoopBack0] ip address 3.3.3.3 32
[RouterB-LoopBack0] quit
# Configure IPsec policy group map1 as a shared source interface policy group.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals