HP 7102dl - ProCurve Secure Router Configuration Manual page 515
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
matches the packet already exists, then the router secures the packet with the
keys contained in the SA, inserts the associated SPI, and forwards the packet
to its destination.
LAN
Match
Router searches for existing
IPSec SA that matches this
traffic
SA exits
Router:
• hashes and encrypts packet
• inserts IPSec header
• adds SPI and new IP header
• forwards packet
main or
aggressive
Figure 10-3. How the ProCurve Secure Router Processes Crypto Maps
Router
crypto
map VPN
0
ACL
A
1
ACL
B
IKE policy 1
IKE policy 2
Packet arrives on the VPN
interface from LAN
Router matches source and
destination IP to ACL A
Router looks for match
in ACL B
Router forwards packet, but
not over the VPN tunnel
SA does not exit
Match
Router looks up initiate mode
Initiate
IKE negotiates IPSec SA
with peer
Configuring a VPN Using IPSec
Internet
VPN tunnel
No
match
No
match
Router searches IKE policy 1
for the peer ID in the crypto
map entry
Match
Router searches IKE policy 2
Router discards packet
No initiate
Virtual Private Networks
Router
No
match
No
match
10-21
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
