EasyManuals Logo
Home>HPE>Network Router>FlexNetwork MSR Series

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #480 background imageLoading...
Page #480 background image
467
[KS1-ike-peer-toks2] remote-address 200.2.2.200
[KS1-ike-peer-toks2] quit
# Create the IKE peer togm for IKE negotiation with GMs.
[KS1] ike peer togm
# Apply IKE proposal 1 to the IKE peer.
[KS1-ike-peer-togm] proposal 1
# Configure the pre-shared key as tempkey1 in plaintext.
[KS1-ike-peer-togm] pre-shared-key simple tempkey1
[KS1-ike-peer-togm] quit
# Create an IPsec transform set fortek.
[KS1] ipsec transform-set fortek
# Specify the ESP protocol for the IPsec transform set fortek.
[KS1-ipsec-transform-set-fortek] transform esp
# Specify the encryption algorithm AES-CBC 128 for the IPsec transform set fortek.
[KS1-ipsec-transform-set-fortek] esp encryption-algorithm aes-cbc-128
# Specify the authentication algorithm SHA1 for the IPsec transform set fortek.
[KS1-ipsec-transform-set-fortek] esp authentication-algorithm sha1
[KS1-ipsec-transform-set-fortek] quit
# Create an IPsec profile fortek.
[KS1] ipsec profile fortek
# Reference the IPsec transform set fortek for the IPsec profile fortek.
[KS1-ipsec-profile-fortek] transform-set fortek
[KS1-ipsec-profile-fortek] quit
# Create an ACL named fortek.
[KS1] acl number 3000 name fortek
# Create ACL rules to identify the directional traffic to be protected.
[KS1-acl-adv-3000-fortek] rule 0 permit ip source 10.1.1.0 0.0.0.255 destination
10.1.2.0 0.0.0.255
[KS1-acl-adv-3000-fortek] rule 1 permit ip source 10.1.2.0 0.0.0.255 destination
10.1.1.0 0.0.0.255
[KS1-acl-adv-3000-fortek] rule 2 permit ip source 10.1.1.0 0.0.0.255 destination
10.1.3.0 0.0.0.255
[KS1-acl-adv-3000-fortek] rule 3 permit ip source 10.1.3.0 0.0.0.255 destination
10.1.1.0 0.0.0.255
[KS1-acl-adv-3000-fortek] quit
# Create an ACL named forrekey.
[KS1] acl number 3001 name forrekey
# Configure a rule to permit rekey traffic destined for 225.0.0.1.
[KS1-acl-adv-3001-forrekey] rule 0 permit ip destination 225.0.0.1 0
[KS1-acl-adv-3001-forrekey] quit
# Create a local RSA key pair named rsa1.
[KS1] public-key local create rsa name rsa1
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals