EasyManuals Logo
Home>HPE>Network Router>FlexNetwork MSR Series

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #475 background imageLoading...
Page #475 background image
462
GDOI GM configuration task list
Task Remarks
Configuring a GDOI GM group
Required.
Configuring a GDOI IPsec policy
Required.
Applying a GDOI IPsec policy to an interface
Required.
Configuring a GDOI GM group
You can configure multiple GDOI GM groups on a GM. Different GDOI GM groups must have
different KS addresses and group IDs.
A GDOI GM group includes the following information that the GM uses to register with a KS:
• Group name—Identifies the GDOI GM group on the GM, used for local management and
reference.
• Group ID—Identifies the GDOI GM group in the group domain VPN. The KS uses the group ID
to identify the GDOI GM group that the requesting GM wants to join. A GDOI GM group can
have only one group ID that is a group number or an IP address.
• KS address—Identifies the IP address of a KS with which the GM registers. A GDOI GM group
can have up to eight KS addresses. The GM first sends a registration request to the
first-specified KS. If the registration does not succeed before the register timer expires, the GM
registers with other KSs one by one in the order they are configured until the registration
succeeds. If all registration attempts fail, the GM repeats the registration process.
• Registration interface—The GM uses the registration interface to send registration packets to
the KS. By default, the registration interface of a GM is the output interface of the route from the
GM to the KS.
Follow these guidelines when you configure a GDOI GM group:
• A GDOI GM group can have only one group ID. A newly configured group ID overwrites the
previous one.
• Different GDOI GM groups must have different group IDs and KS addresses.
• A GDOI GM group must have the same group ID as the KS with which the GM group registers.
To configure a GDOI GM group:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Create a GDOI GM group
and enter GDOI GM
group view.
gdoi gm group
group-name
By default, no GDOI GM group
exists.
3. Configure a GDOI GM
group ID.
identity
{
address
ip-address |
number
number }
By default, no GDOI GM group
ID is specified.
Specify an IP address or a
number as the group ID.
4. Configure a KS address.
server address
ip-address
By default, no KS address is
specified.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals