HP VSR1000 Security Configuration Manual page 217
Virtual services router
Hide thumbs
Also See for VSR1000:
- Configuration manual (463 pages) ,
- High availability configuration manual (91 pages) ,
- Layer 2 - wan access command reference (50 pages)
Table of Contents
Advertisement
[RouterB-ipsec-profile-profile001] transform-set tran1
[RouterB-ipsec-profile-profile001] sa spi outbound esp 123456
[RouterB-ipsec-profile-profile001] sa spi inbound esp 123456
[RouterB-ipsec-profile-profile001] sa string-key outbound esp simple abcdefg
[RouterB-ipsec-profile-profile001] sa string-key inbound esp simple abcdefg
[RouterB-ipsec-profile-profile001] quit
# Apply the IPsec profile to RIPng process 1.
[RouterB] ripng 1
[RouterB-ripng-1] enable ipsec-profile profile001
[RouterB-ripng-1] quit
3.
Configure Router C:
# Configure IPv6 addresses for interfaces. (Details not shown.)
# Configure basic RIPng.
<RouterC> system-view
[RouterC] ripng 1
[RouterC-ripng-1] quit
[RouterC] interface gigabitethernet 1/0
[RouterC-GigabitEthernet1/0] ripng 1 enable
[RouterC-GigabitEthernet1/0] quit
# Create and configure the IPsec transform set named tran1.
[RouterC] ipsec transform-set tran1
[RouterC-ipsec-transform-set-tran1] encapsulation-mode transport
[RouterC-ipsec-transform-set-tran1] protocol esp
[RouterC-ipsec-transform-set-tran1] esp encryption-algorithm aes-cbc-128
[RouterC-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[RouterC-ipsec-transform-set-tran1] quit
# Create and configure the IPsec profile named profile001.
[RouterC] ipsec profile profile001 manual
[RouterC-ipsec-profile-profile001] transform-set tran1
[RouterC-ipsec-profile-profile001] sa spi outbound esp 123456
[RouterC-ipsec-profile-profile001] sa spi inbound esp 123456
[RouterC-ipsec-profile-profile001] sa string-key outbound esp simple abcdefg
[RouterC-ipsec-profile-profile001] sa string-key inbound esp simple abcdefg
[RouterC-ipsec-profile-profile001] quit
# Apply the IPsec profile to RIPng process 1.
[RouterC] ripng 1
[RouterC-ripng-1] enable ipsec-profile profile001
[RouterC-ripng-1] quit
Verifying the configuration
After the previous configurations, Router A, Router B, and Router C learn IPv6 routing information through
RIPng. IPsec SAs are set up successfully on the routers to protect RIPng packets. The following example
uses Router A to illustrate how to view the IPsec-related information.
# Use the display ripng command to display the RIPng configuration. The output shows that the IPsec
profile profile001 has been applied to RIPng process 1.
[RouterA] display ripng 1
RIPng process : 1
207
- Quick Links:
- Configuring the Device as an Ssh...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
