EasyManuals Logo
Home>HPE>Network Router>FlexNetwork MSR Series

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #206 background imageLoading...
Page #206 background image
193
Similarly, you can view the information on Router A. (Details not shown.)
Configuring IPsec for RIPng
The IPsec configuration procedures for protecting OSPFv3 and IPv6 BGP are similar. For more
information about RIPng, OSPFv3, and IPv6 BGP, see HPE FlexNetwork MSR Router Series
Comware 5 Layer 3—IP Routing Configuration Guide.
Network requirements
As shown in Figure 62, Router A, Router B, and Router C are connected. They learn IPv6 routing
information through RIPng.
Configure IPsec for RIPng so that RIPng packets exchanged between the routers are transmitted
through an IPsec tunnel. Configure IPsec to use the security protocol ESP, the encryption algorithm
DES, and the authentication algorithm SHA1-HMAC-96.
Figure 62 Network diagram
Configuration considerations
Perform the following configuration tasks:
• Configure basic RIPng parameters.
• Configure a manual IPsec policy.
• Apply the IPsec policy to a RIPng process to protect RIPng packets in this process or to an
interface to protect RIPng packets traveling through the interface.
Configuration procedure
1. Configure Router A:
# Assign an IPv6 address to each interface. (Details not shown.)
# Create a RIPng process and enable it on Ethernet 1/1.
<RouterA> system-view
[RouterA] ripng 1
[RouterA-ripng-1] quit
[RouterA] interface ethernet 1/1
[RouterA-Ethernet1/1] ripng 1 enable
[RouterA-Ethernet1/1] quit
# Create an IPsec transform set named tran1, and set the encapsulation mode to transport
mode, the security protocol to ESP, the encryption algorithm to DES, and authentication
algorithm to SHA1-HMAC-96.
[RouterA] ipsec transform-set tran1
[RouterA-ipsec-transform-set-tran1] encapsulation-mode transport
[RouterA-ipsec-transform-set-tran1] transform esp
[RouterA-ipsec-transform-set-tran1] esp encryption-algorithm des
[RouterA-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[RouterA-ipsec-transform-set-tran1] quit
# Create an IPsec policy named policy001, specify the manual mode for it, set the SPIs of the
inbound and outbound SAs to 123456, and the keys for the inbound and outbound SAs using
ESP to abcdefg.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals