reference IPsec transform set trans, and set the SPIs of the inbound and outbound SAs to 123 and
the keys for the inbound and outbound SAs to abc using ESP.
[RouterA] ipsec transform-set trans
[RouterA-ipsec-transform-set-trans] encapsulation-mode transport
[RouterA-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc
[RouterA-ipsec-transform-set-trans] esp authentication-algorithm md5
[RouterA-ipsec-transform-set-trans] ah authentication-algorithm md5
[RouterA-ipsec-transform-set-trans] quit
[RouterA] ipsec profile profile001 manual
[RouterA-ipsec-profile-profile001-manual] transform-set trans
[RouterA-ipsec-profile-profile001-manual] sa spi inbound ah 100000
[RouterA-ipsec-profile-profile001-manual] sa spi outbound ah 100000
[RouterA-ipsec-profile-profile001-manual] sa spi inbound esp 200000
[RouterA-ipsec-profile-profile001-manual] sa spi outbound esp 200000
[RouterA-ipsec-profile-profile001-manual] sa string-key inbound ah simple abc
[RouterA-ipsec-profile-profile001-manual] sa string-key outbound ah simple abc
[RouterA-ipsec-profile-profile001-manual] sa string-key inbound esp simple 123
[RouterA-ipsec-profile-profile001-manual] sa string-key outbound esp simple 123
[RouterA-ipsec-profile-profile001-manual] quit
# On Router B, create an IPsec transform set named trans, and set the encapsulation mode to
transport mode, the security protocol to ESP, the encryption algorithm to 3DES, and authentication
algorithm to MD5. Create an IPsec profile named profile001, specify the manual mode for it,
reference IPsec transform set trans, and set the SPIs of the inbound and outbound SAs to 123 and
the keys for the inbound and outbound SAs using ESP to abc.
[RouterB] ipsec transform-set trans
[RouterB-ipsec-transform-set-trans] encapsulation-mode transport
[RouterB-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc
[RouterB-ipsec-transform-set-trans] esp authentication-algorithm md5
[RouterB-ipsec-transform-set-trans] ah authentication-algorithm md5
[RouterB-ipsec-transform-set-trans] quit
[RouterB] ipsec profile profile001 manual
[RouterB-ipsec-profile-profile001-manual] transform-set trans
[RouterB-ipsec-profile-profile001-manual] sa spi inbound ah 100000
[RouterB-ipsec-profile-profile001-manual] sa spi outbound ah 100000
[RouterB-ipsec-profile-profile001-manual] sa spi inbound esp 200000
[RouterB-ipsec-profile-profile001-manual] sa spi outbound esp 200000
[RouterB-ipsec-profile-profile001-manual] sa string-key inbound ah simple abc
[RouterB-ipsec-profile-profile001-manual] sa string-key outbound ah simple abc
[RouterB-ipsec-profile-profile001-manual] sa string-key inbound esp simple 123
[RouterB-ipsec-profile-profile001-manual] sa string-key outbound esp simple 123
[RouterB-ipsec-profile-profile001-manual] quit
[RouterB] ipsec profile profile002 manual
[RouterB-ipsec-profile-profile002-manual] transform-set trans
[RouterB-ipsec-profile-profile002-manual] sa spi inbound ah 400000
[RouterB-ipsec-profile-profile002-manual] sa spi outbound ah 400000
[RouterB-ipsec-profile-profile002-manual] sa spi inbound esp 256
[RouterB-ipsec-profile-profile002-manual] sa spi outbound esp 256
[RouterB-ipsec-profile-profile002-manual] sa string-key inbound ah simple hello
369