Applying Ipsec Policies For Ripng - HP 3600 v2 series Configuration Manual

Applying IPsec policies for RIPng

To protect routing information and defend attacks, RIPng supports using an IPsec policy to authenticate
protocol packets.
Outbound RIPng packets carry the Security Parameter Index (SPI) defined in the relevant IPsec policy. A
device uses the SPI carried in a received packet to match against the configured IPsec policy. If they
match, the device accepts the packet; otherwise, it discards the packet and will not establish a neighbor
relationship with the sending device.
You can configure an IPsec policy for a RIPng process or interface. The IPsec policy configured for a
process applies to all packets in the process. The IPsec policy configured on an interface applies to
packets on the interface. If an interface and its process each have an IPsec policy configured, the
interface uses its own IPsec policy.
Configuration prerequisites
Before applying an IPsec policy for RIPng, complete following tasks:
Create an IPsec proposal
•
Create an IPsec policy
•
For more information about IPsec policy configuration, see Security Configuration Guide.
Configuration procedure
Follow these steps to apply an IPsec policy in a process:
To do...
Enter system view
Enter RIPng view
Apply an IPsec policy in the process
Follow these steps to apply an IPsec policy on an interface:
To do...
Enter system view
Enter interface view
Apply an IPsec policy on the
interface
NOTE:
An IPsec policy used for RIPng can only be in manual mode. For more information, see
Configuration Guide
Use the command...
system-view
ripng [ process-id ]
enable ipsec-policy policy-name
Use the command...
system-view
interface interface-type
interface-number
ripng ipsec-policy policy-name
.
271
Remarks
—
—
Required
Not configured by default
Remarks
—
—
Required
Not configured by default
Security