Huawei AR1200 Series Configuration Guide

Huawei AR1200 Series

392 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Page #339 background image

Loading...

Page #339 background image

[Huawei] display ipsec proposal

Number of Proposals: 1

IPsec proposal name: tran1

Encapsulation mode: Tunnel

Transform : esp-new

ESP protocol : Authentication SHA1-HMAC-96

Encryption DES

Step 7 Create IPSec policies on RouterA and RouterB.

# Create an IPSec policy on RouterA.

[Huawei] ipsec policy map1 10 isakmp

[Huawei-ipsec-policy-isakmp-map1-10] ike-peer spub

[Huawei-ipsec-policy-isakmp-map1-10] proposal tran1

[Huawei-ipsec-policy-isakmp-map1-10] security acl 3101

[Huawei-ipsec-policy-isakmp-map1-10] quit

# Create an IPSec policy on RouterB.

[Huawei] ipsec policy use1 10 isakmp

[Huawei-ipsec-policy-isakmp-use1-10] ike-peer spua

[Huawei-ipsec-policy-isakmp-use1-10] proposal tran1

[Huawei-ipsec-policy-isakmp-use1-10] security acl 3101

[Huawei-ipsec-policy-isakmp-use1-10] quit

Run the display ipsec policy command on RouterA and RouterB to view the configurations of

the IPSec policies. Take the display on RouterA as an example.

[Huawei] display ipsec policy

===========================================

IPsec policy group: "map1"

Using interface: {}

===========================================

Sequence number: 10

Security data flow: 3101

Peer name: spub

Perfect forward secrecy: None

Proposal name: tran1

IPsec SA local duration(time based): 3600 seconds

IPsec SA local duration(traffic based): 1843200 kilobytes

SA trigger mode: Automatic

Route inject: None

Step 8 Apply the IPSec policies to the interfaces of RouterA and RouterB.

# Apply the IPSec policy to the interface of RouterA.

[Huawei] interface ethernet 1/0/0

[Huawei-Ethernet1/0/0] ipsec policy map1

[Huawei-Ethernet1/0/0] quit

# Apply the IPSec policy to the interface of RouterB.

[Huawei] interface ethernet 1/0/0

[Huawei-Ethernet1/0/0] ipsec policy use1

[Huawei-Ethernet1/0/0] quit

Run the display ipsec sa command on RouterA and RouterB to view the configuration of the

IPSec SAs. Take the display on RouterA as an example.

[Huawei] display ipsec sa

===============================

Interface: Ethernet 1/0/0

path MTU: 1500

===============================

-----------------------------

Huawei AR1200 Series Enterprise Routers

Configuration Guide - VPN 5 IPSec Configuration

Issue 01 (2012-04-20) Huawei Proprietary and Confidential

Copyright © Huawei Technologies Co., Ltd.

328

Table of Contents

Other manuals for Huawei AR1200 Series

User Configuration Guide232 pages

Configuration Guide - Wlan58 pages

Configuration Guide - Voice65 pages

Hardware Description218 pages

Usage Guide69 pages

Compliance And Safety Manual31 pages

Configuration Guide - Mpls132 pages

Brochure12 pages

Questions and Answers:

Need help?

Do you have a question about the Huawei AR1200 Series and is the answer not in the manual?

Huawei AR1200 Series Specifications

General

Brand	Huawei
Model	AR1200 Series
Category	Network Router
Language	English

Related product manuals

Preview: Huawei AR1200-S

Huawei AR1200-S

Preview: Huawei AR120

Huawei AR120 Series

Preview: Huawei Vodafone AR1220

Huawei Vodafone AR1220

Preview: Huawei AR150 series

Huawei AR150 series

Huawei AR100 Series

Huawei AR160 Series

Huawei AR651W-X4

Huawei AR502CG-L

Huawei AR650 Series

Preview: Huawei AR600 Series

Huawei AR600 Series