Table of Contents
Advertisement
3Com Router 3000 Ethernet Family
Configuration Guide
# Reference the IPSec proposal.
[3Com-ipsec-policy-manual-map1-10] proposal tran1
# Configure the peer address.
[3Com-ipsec-policy-manual-map1-10] tunnel remote 202.38.162.1
# Configure local end address.
[3Com-ipsec-policy-manual-map1-10] tunnel local 202.38.163.1
# Configure SPI.
[3Com-ipsec-policy-manual-map1-10] sa spi outbound esp 12345
[3Com-ipsec-policy-manual-map1-10] sa spi inbound esp 54321
# Configure shared secret.
[3Com-ipsec-policy-manual-map1-10] sa string-key outbound esp abcdefg
[3Com-ipsec-policy-manual-map1-10] sa string-key inbound esp gfedcba
# Return to system view.
[3Com-ipsec-policy-manual-map1-10] quit
# Enter serial interface view.
[3Com] interface serial 2/0/1
# Configure serial interface IP address.
[3Com-Serial2/0/1] ip address 202.38.163.1 255.0.0.0
# On serial interface, use IPSec policy group.
[3Com-Serial2/0/1] ipsec policy map1
2)
Router B will be configured as follows:
# Configure an access control list, specifying data flow from sub-network 10.1.2.x to
sub-network 10.1.1.x.
[3Com] acl number 3101
[3Com-acl-adv-3101] rule permit ip source 10.1.2.0 0.0.0.255 destination
10.1.1.0 0.0.0.255
[3Com-acl-adv-101] rule deny ip source any destination any
# Configure the static route to PC A.
[3Com] ip route-static 10.1.1.0 255.255.255.0 202.38.163.1
# Establish IPSec proposal with the name tran1.
[3Com] ipsec proposal tran1
# Set packet encapsulation mode to tunnel mode.
[3Com-ipsec-proposal-tran1] encapsulation-mode tunnel
# Security protocol is ESP protocol.
[3Com-ipsec-proposal-tran1] transform esp
3Com Corporation
7-32
Chapter 7 IPSec Configuration
Advertisement
Chapters
Table of Contents
Troubleshooting
