HP 5500 HI Series Configuration Manual page 288
Security
Hide thumbs
Also See for 5500 HI Series:
- Installation manual (72 pages) ,
- Compliance and safety manual (62 pages) ,
- Quickspecs (35 pages)
Table of Contents
Advertisement
Before you configure a manual IPsec policy, configure ACLs used for identifying protected traffic and
IPsec transform sets. ACLs are not required for IPsec policies for an IPv6 protocol.
To configure a manual IPsec policy:
Step
1.
Enter system view.
2.
Create a manual IPsec
policy and enter its
view.
3.
Assign an ACL to the
IPsec policy.
4.
Assign an IPsec
proposal to the IPsec
policy.
5.
Configure the two ends
of the IPsec tunnel.
6.
Configure an SPI for an
SA.
Command
system-view
ipsec policy policy-name
seq-number manual
security acl acl-number
proposal proposal-name
•
Configure the local address of
the tunnel:
tunnel local ip-address
•
Configure the remote address of
the tunnel:
tunnel remote ip-address
sa spi { inbound | outbound } { ah |
esp } spi-number
275
Remarks
N/A
By default, no IPsec policy exists.
Not needed for IPsec policies to be
applied to IPv6 routing protocols and
required for other applications.
By default, an IPsec policy references no
ACL.
An IPsec policy can reference only one
ACL. If you specify multiple ACLs for an
IPsec policy, only the last specified ACL
takes effect.
By default, an IPsec policy references no
IPsec proposal.
A manual IPsec policy can reference only
one IPsec proposal. To change an IPsec
proposal for an IPsec policy, you must
remove the current reference first.
Configuring the local address of the
tunnel is not needed for IPsec policies to
be applied to IPv6 routing protocols and
required for other applications.
Configuring the remote address of the
tunnel is required.
Both the local and remote addresses are
not configured by default.
By default, no SPI is configured for an
SA.
- Quick Links:
- Configuration Guide
- Configuring Aaa
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
