Configuring Ipsec Rri - HP 12500 Series Configuration Manual
Routing
Hide thumbs
Also See for 12500 Series:
- Configuration manual (402 pages) ,
- Network management and monitoring command reference (320 pages) ,
- Command reference manual (157 pages)
Table of Contents
Advertisement
Using the display ipsec sa command on Switch A, you will see the information about the inbound
and outbound SAs.
<SwitchA> display ipsec sa
===============================
Protocol: RIPng
===============================
-----------------------------
IPsec policy name: "policy001"
sequence number: 10
mode: manual
-----------------------------
connection id: 1
encapsulation mode: transport
perfect forward secrecy:
tunnel:
flow:
[inbound ESP SAs]
[outbound ESP SAs]
Similarly, you can view the information on Switch B and Switch C. (Details not shown.)
Configuring IPsec RRI
This configuration example is applicable only to switches operating in FIPS mode.
Network requirements
As shown in
between the headquarters and the branch. Configure the tunnel to use the security protocol ESP, the
encryption algorithm AES 128, and the authentication algorithm SHA1-HMAC-96. Use IKE for automatic
SA negotiation.
Configure IPsec RRI on Switch A to automatically create a static route to the branch based on the
established IPsec SAs. Specify the next hop of the route as 1.1.1.2.
Number of trigger updates sent : 1
IPsec policy name: policy001, SPI: 123456
spi: 123456 (0x3039)
proposal: ESP-ENCRYPT-DES ESP-AUTH-SHA1
No duration limit for this sa
spi: 123456 (0x3039)
proposal: ESP-ENCRYPT-DES ESP-AUTH-SHA1
No duration limit for this sa
Figure
66, configure an IPsec tunnel between Switch A and Switch B to protect the traffic
192
Advertisement
Table of Contents
Troubleshooting
