HP 12500 Series Configuration Manual page 201
Routing
Hide thumbs
Also See for 12500 Series:
- Configuration manual (402 pages) ,
- Network management and monitoring command reference (320 pages) ,
- Command reference manual (157 pages)
Table of Contents
Advertisement
# Assign an IPv6 address to each interface. (Details not shown.)
# Create a RIPng process and enable it on VLAN-interface 200.
<SwitchC> system-view
[SwitchC] ripng 1
[SwitchC-ripng-1] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] ripng 1 enable
[SwitchC-Vlan-interface200] quit
# Create an IPsec proposal named tran1, and set the encapsulation mode to transport mode, the
security protocol to ESP, the encryption algorithm to AES 128, and authentication algorithm to
SHA1-HMAC-96.
[SwitchC] ipsec proposal tran1
[SwitchC-ipsec-proposal-tran1] encapsulation-mode transport
[SwitchC-ipsec-proposal-tran1] transform esp
[SwitchC-ipsec-proposal-tran1] esp encryption-algorithm aes 128
[SwitchC-ipsec-proposal-tran1] esp authentication-algorithm sha1
[SwitchC-ipsec-proposal-tran1] quit
# Create an IPsec policy named policy001, specify the manual mode for it, and configure the SPIs
of the inbound and outbound SAs to 123456, and the keys for the inbound and outbound SAs
using ESP to abcdefg.
[SwitchC] ipsec policy policy001 10 manual
[SwitchC-ipsec-policy-manual-policy001-10] proposal tran1
[SwitchC-ipsec-policy-manual-policy001-10] sa spi outbound esp 123456
[SwitchC-ipsec-policy-manual-policy001-10] sa spi inbound esp 123456
[SwitchC-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg
[SwitchC-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg
[SwitchC-ipsec-policy-manual-policy001-10] quit
# Apply IPsec policy policy001 to the RIPng process.
[SwitchC] ripng 1
[SwitchC-ripng-1] enable ipsec-policy policy001
[SwitchC-ripng-1] quit
Verify the configuration:
4.
After the configuration, Switch A, Switch B, and Switch C learns IPv6 routing information through
RIPng. SAs are set up successfully, and the IPsec tunnel between two peers is up for protecting the
RIPng packets.
Using the display ripng command on Switch A, you will see the running status and configuration
information of the specified RIPng process. The output shows that IPsec policy policy001 is applied
to this process successfully.
<SwitchA> display ripng 1
RIPng process : 1
Preference : 100
Checkzero : Enabled
Default Cost : 0
Maximum number of balanced paths : 8
Update time
Suppress time :
Number of periodic updates sent : 186
:
30 sec(s)
Timeout time
120 sec(s)
Garbage-Collect time :
191
:
180 sec(s)
120 sec(s)
Advertisement
Table of Contents
Troubleshooting
