Optional) Configuring Route Injection; Applying An Ipsec Policy To An Interface - Huawei AR1200 series Configuration Manual
Enterprise routers
Hide thumbs
Also See for AR1200 series:
- Configuration manual (342 pages) ,
- User configuration manual (232 pages) ,
- Hardware description (218 pages)
Table of Contents
Advertisement
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN
l
----End
5.4.9 (Optional) Configuring Route Injection
Route injection associates route selection with the IPSec tunnel status. If the IPSec tunnel is Up,
the route of the IPSec peer can be added and advertised. If the IPSec tunnel is Down, the route
of the IPSec peer can be deleted and withdrawn.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
ipsec policy policy-name seq-number isakmp
The IPSec policy view is displayed.
The IPSec policy must be configured using IKE negotiation or an IPSec tunnel interface.
Step 3 Run:
route inject { static | dynamic } [ preference preference ]
Route injection is enabled.
By default, route injection is disabled.
----End
5.4.10 Applying an IPSec policy to an interface
An interface can use only one IPSec policy. An IPSec policy for IKE negotiation can be applied
to multiple interfaces.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
interface interface-type interface-number
The interface view is displayed.
Step 3 Run:
ipsec policy policy-name
An IPSec policy is applied to the interface.
Issue 01 (2012-04-20)
The sequence of payload in DPD packets is configured.
Run:
dpd type { on-demand | periodic }
The DPD mode is configured.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
5 IPSec Configuration
301
Hide quick links:
Advertisement
Table of Contents
