EasyManua.ls Logo

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #208 background imageLoading...
Page #208 background image
195
# Create a RIPng process and enable it on Ethernet 1/1.
<RouterC> system-view
[RouterC] ripng 1
[RouterC-ripng-1] quit
[RouterC] interface ethernet 1/1
[RouterC-Ethernet1/1] ripng 1 enable
[RouterC-Ethernet1/1] quit
# Create an IPsec transform set named tran1, and set the encapsulation mode to transport
mode, the security protocol to ESP, the encryption algorithm to DES, and authentication
algorithm to SHA1-HMAC-96.
[RouterC] ipsec transform-set tran1
[RouterC-ipsec-transform-set-tran1] encapsulation-mode transport
[RouterC-ipsec-transform-set-tran1] transform esp
[RouterC-ipsec-transform-set-tran1] esp encryption-algorithm des
[RouterC-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[RouterC-ipsec-transform-set-tran1] quit
# Create an IPsec policy named policy001, specify the manual mode for it, and configure the
SPIs of the inbound and outbound SAs as 123456, and the keys for the inbound and outbound
SAs using ESP as abcdefg.
[RouterC] ipsec policy policy001 10 manual
[RouterC-ipsec-policy-manual-policy001-10] transform-set tran1
[RouterC-ipsec-policy-manual-policy001-10] sa spi outbound esp 123456
[RouterC-ipsec-policy-manual-policy001-10] sa spi inbound esp 123456
[RouterC-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg
[RouterC-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg
[RouterC-ipsec-policy-manual-policy001-10] quit
# Apply IPsec policy policy001 to the RIPng process.
[RouterC] ripng 1
[RouterC-ripng-1] enable ipsec-policy policy001
[RouterC-ripng-1] quit
4. Verify the configuration:
After the configuration, Router A, Router B, and Router C learn IPv6 routing information through
RIPng. SAs are set up successfully, and the IPsec tunnel between two peers is up for protecting
the RIPng packets.
# Execute the display ripng command on Router A to view the running status and
configuration information of the specified RIPng process. The output shows that IPsec policy
policy001 is applied to this process successfully.
<RouterA> display ripng 1
RIPng process : 1
Preference : 100
Checkzero : Enabled
Default Cost : 0
Maximum number of balanced paths : 8
Update time : 30 sec(s) Timeout time : 180 sec(s)
Suppress time : 120 sec(s) Garbage-Collect time : 120 sec(s)
Number of periodic updates sent : 186
Number of trigger updates sent : 1
IPsec policy name: policy001, SPI: 123456

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
CategoryNetwork Router
WAN PortsVaries by model
LAN PortsVaries by model
Switching CapacityVaries by model
IPv6 SupportYes
Product SeriesMSR Series
Routing ProtocolsBGP, OSPF, RIP, IS-IS, Static Routing
WAN InterfacesEthernet, Serial, T1/E1
LAN InterfacesEthernet, Fast Ethernet, Gigabit Ethernet
Power SupplyAC or DC (varies by model)
ManagementCLI, Web GUI, SNMP
VPN SupportIPsec, GRE, L2TP, DMVPN
QoS SupportYes
PortsVaries by model
FirewallStateful packet inspection, DoS/DDoS protection, Application layer filtering

Related product manuals