Configuring Ipsec Rri - HPE FlexNetwork MSR Series Comware 5 Security Configuration Manual
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (861 pages) ,
- Comware 7 layer 3 - ip services configuration manuals (554 pages) ,
- Comware 5 layer 2 - wan access configuration manual (420 pages)
Table of Contents
Advertisement
# Execute the display ipsec sa command on Router A to view the information about the
inbound and outbound SAs.
<RouterA> display ipsec sa
===============================
Protocol: RIPng
===============================
-----------------------------
IPsec policy name: "policy001"
sequence number: 10
acl version: none
mode: manual
-----------------------------
PFS: N, DH group: none
tunnel:
flow:
[inbound ESP SAs]
[outbound ESP SAs]
Similarly, you can view the information on Router B and Router C. (Details not shown.)
Configuring IPsec RRI
Network requirements
As shown in
between the headquarters and the branch. Configure the tunnel to use the security protocol ESP, the
encryption algorithm DES, and the authentication algorithm SHA1-HMAC-96. Use IKE for automatic
SA negotiation.
Configure IPsec RRI on Router A to automatically create a static route to the branch based on the
established IPsec SAs. Specify the next hop of the route as 1.1.1.2.
spi: 0x3039(123456)
transform: ESP-ENCRYPT-DES ESP-AUTH-SHA1
in use setting: Transport
connection id: 13
No duration limit for this sa
spi: 0x3039(123456)
transform: ESP-ENCRYPT-DES ESP-AUTH-SHA1
in use setting: Transport
connection id: 14
No duration limit for this sa
Figure
63, configure an IPsec tunnel between Router A and Router B to protect the traffic
196
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork MSR Series and is the answer not in the manual?