EasyManuals Logo
Home>HPE>Network Router>FlexNetwork MSR Series

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #208 background imageLoading...
Page #208 background image
195
# Create a RIPng process and enable it on Ethernet 1/1.
<RouterC> system-view
[RouterC] ripng 1
[RouterC-ripng-1] quit
[RouterC] interface ethernet 1/1
[RouterC-Ethernet1/1] ripng 1 enable
[RouterC-Ethernet1/1] quit
# Create an IPsec transform set named tran1, and set the encapsulation mode to transport
mode, the security protocol to ESP, the encryption algorithm to DES, and authentication
algorithm to SHA1-HMAC-96.
[RouterC] ipsec transform-set tran1
[RouterC-ipsec-transform-set-tran1] encapsulation-mode transport
[RouterC-ipsec-transform-set-tran1] transform esp
[RouterC-ipsec-transform-set-tran1] esp encryption-algorithm des
[RouterC-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[RouterC-ipsec-transform-set-tran1] quit
# Create an IPsec policy named policy001, specify the manual mode for it, and configure the
SPIs of the inbound and outbound SAs as 123456, and the keys for the inbound and outbound
SAs using ESP as abcdefg.
[RouterC] ipsec policy policy001 10 manual
[RouterC-ipsec-policy-manual-policy001-10] transform-set tran1
[RouterC-ipsec-policy-manual-policy001-10] sa spi outbound esp 123456
[RouterC-ipsec-policy-manual-policy001-10] sa spi inbound esp 123456
[RouterC-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg
[RouterC-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg
[RouterC-ipsec-policy-manual-policy001-10] quit
# Apply IPsec policy policy001 to the RIPng process.
[RouterC] ripng 1
[RouterC-ripng-1] enable ipsec-policy policy001
[RouterC-ripng-1] quit
4. Verify the configuration:
After the configuration, Router A, Router B, and Router C learn IPv6 routing information through
RIPng. SAs are set up successfully, and the IPsec tunnel between two peers is up for protecting
the RIPng packets.
# Execute the display ripng command on Router A to view the running status and
configuration information of the specified RIPng process. The output shows that IPsec policy
policy001 is applied to this process successfully.
<RouterA> display ripng 1
RIPng process : 1
Preference : 100
Checkzero : Enabled
Default Cost : 0
Maximum number of balanced paths : 8
Update time : 30 sec(s) Timeout time : 180 sec(s)
Suppress time : 120 sec(s) Garbage-Collect time : 120 sec(s)
Number of periodic updates sent : 186
Number of trigger updates sent : 1
IPsec policy name: policy001, SPI: 123456

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals