HP VSR1000 Security Configuration Manual page 221
Virtual services router
Hide thumbs
Also See for VSR1000:
- Configuration manual (463 pages) ,
- High availability configuration manual (91 pages) ,
- Layer 2 - wan access command reference (50 pages)
Table of Contents
Advertisement
Make sure Router B has a route to the peer private network, with the outgoing interface as
GigabitEthernet 1/0.
4.
Configure Router C and Router D in the same way Router B is configured.
Verifying the configuration
Send traffic from subnet 5.5.5.0/24 to subnet 4.4.4.0/24. IKE negotiation is triggered to establish IPsec
SAs between Router A and Router B.
# Display IPsec information on Router A.
[RouterA] display ipsec sa
-------------------------------
Interface: GigabitEthernet1/0
-------------------------------
-----------------------------
IPsec policy: map1
Sequence number: 10
Mode: template
-----------------------------
Tunnel id: 0
Encapsulation mode: tunnel
Perfect forward secrecy:
Path MTU: 1463
Tunnel:
local
remote address: 2.2.2.2
Flow:
sour addr: 4.4.4.0/255.255.255.0
dest addr: 5.5.5.0/255.255.255.0
[Inbound ESP SAs]
SPI: 1014286405 (0x3c74c845)
Transform set: ESP-ENCRYPT-DES-CBC ESP-AUTH-SHA1
SA duration (kilobytes/sec): 1843200/3600
SA remaining duration (kilobytes/sec): 1843199/3590
Max received sequence-number: 4
Anti-replay check enable: Y
Anti-replay window size: 64
UDP encapsulation used for nat traversal: N
Status: active
[Outbound ESP SAs]
SPI: 4011716027 (0xef1dedbb)
Transform set: ESP-ENCRYPT-DES-CBC ESP-AUTH-SHA1
SA duration (kilobytes/sec): 1843200/3600
SA remaining duration (kilobytes/sec): 1843199/3590
Max sent sequence-number: 4
UDP encapsulation used for nat traversal: N
Status: active
address: 1.1.1.1
port: 0
protocol: ip
port: 0
protocol: ip
211
- Quick Links:
- Configuring the Device as an Ssh...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
