HP 6125XLG Layer 3 - Ip Routing Configuration Manual page 361

[SwitchB-ipsec-profile-profile001-manual] sa spi outbound esp 256
[SwitchB-ipsec-profile-profile001-manual] sa string-key inbound esp simple abc
[SwitchB-ipsec-profile-profile001-manual] sa string-key outbound esp simple abc
[SwitchB-ipsec-profile-profile001-manual] quit
# On Switch C, create an IPsec transform set named protrf1, and set the encapsulation mode to
transport mode, the security protocol to ESP, the encryption algorithm to 3DES, and authentication
algorithm to MD5. Create an IPsec profile named profile001, specify the manual mode for it,
reference IPsec transform set protrf1, and set the SPIs of the inbound and outbound SAs to 256 and
the keys for the inbound and outbound SAs using ESP to abc.
[SwitchC] ipsec transform-set protrf1
[SwitchC-ipsec-transform-set-protrf1] esp encryption-algorithm 3des-cbc
[SwitchC-ipsec-transform-set-protrf1] esp authentication-algorithm md5
[SwitchC-ipsec-transform-set-protrf1] encapsulation-mode transport
[SwitchC-ipsec-transform-set-protrf1] quit
[SwitchC] ipsec profile profile001 manual
[SwitchC-ipsec-profile-profile001-manual] transform-set protrf1
[SwitchC-ipsec-profile-profile001-manual] sa spi inbound esp 256
[SwitchC-ipsec-profile-profile001-manual] sa spi outbound esp 256
[SwitchC-ipsec-profile-profile001-manual] sa string-key inbound esp simple abc
[SwitchC-ipsec-profile-profile001-manual] sa string-key outbound esp simple abc
[SwitchC-ipsec-profile-profile001-manual] quit
4. Apply the IPsec profiles to the RIPng process:
# Configure Switch A.
[SwitchA] ripng 1
[SwitchA-ripng-1] enable ipsec-profile profile001
[SwitchA-ripng-1] quit
# Configure Switch B.
[SwitchB] ripng 1
[SwitchB-ripng-1] enable ipsec-profile profile001
[SwitchB-ripng-1] quit
# Configure Switch C.
[SwitchC] ripng 1
[SwitchC-ripng-1] enable ipsec-profile profile001
[SwitchC-ripng-1] quit
Verifying the configuration
RIPng packets between Switches A, B and C are protected by IPsec.
349