EasyManuals Logo

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #224 background imageLoading...
Page #224 background image
211
[RouterA-Ethernet1/2] ip address 10.1.1.1 255.255.255.0
[RouterA-Ethernet1/2] quit
# Assign an IP address to interface Ethernet 1/1.
[RouterA] interface ethernet 1/1
[RouterA-Ethernet1/1] ip address 1.1.1.1 255.255.255.0
# Apply the IPsec policy to interface Ethernet 1/1.
[RouterA-Ethernet1/1] ipsec policy map1
# Configure a static route to subnet 10.1.2.0/24.
[RouterA] ip route-static 10.1.2.0 255.255.255.0 2.2.2.2
3. Configure Router B:
# Configure ACL 3101 to identify traffic from subnet 10.1.2.0/24 to subnet 10.1.1.0/24.
<RouterB> system-view
[RouterB] acl number 3101
[RouterB-acl-adv-3101] rule permit ip source 10.1.2.0 0.0.0.255 destination 10.1.1.0
0.0.0.255
[RouterB-acl-adv-3101] quit
# Create IPsec transform set tran1.
[RouterB] ipsec transform-set tran1
# Set the packet encapsulation mode to tunnel.
[RouterB-ipsec-transform-set-tran1] encapsulation-mode tunnel
# Use security protocol ESP.
[RouterB-ipsec-transform-set-tran1] transform esp
# Specify encryption and authentication algorithms.
[RouterB-ipsec-transform-set-tran1] esp encryption-algorithm des
[RouterB-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[RouterB-ipsec-transform-set-tran1] quit
# Create IKE peer peer.
[RouterB] ike peer peer
# Set the pre-shared key.
[RouterB-ike-peer-peer] pre-shared-key abcde
# Specify the IP address of the peer security gateway.
[RouterB-ike-peer-peer] remote-address 1.1.1.1
[RouterB-ike-peer-peer] quit
# Create an IPsec policy that uses IKE negotiation.
[RouterB] ipsec policy use1 10 isakmp
# Reference ACL 3101 to identify the protected traffic.
[RouterB-ipsec-policy-isakmp-use1-10] security acl 3101
# Reference IPsec transform set tran1.
[RouterB-ipsec-policy-isakmp-use1-10] transform-set tran1
# Reference IKE peer peer.
[RouterB-ipsec-policy-isakmp-use1-10] ike-peer peer
[RouterB-ipsec-policy-isakmp-use1-10] quit
# Assign an IP address to interface Ethernet 1/2.
[RouterB] interface ethernet 1/2
[RouterB-Ethernet1/2] ip address 10.1.2.1 255.255.255.0
[RouterB-Ethernet1/2] quit
# Assign an IP address to interface Ethernet 1/1.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals