HPE 5800 Series Configuration Manual page 277
Layer 3 - ip routing
Hide thumbs
Also See for 5800 Series:
- Installation manual (126 pages) ,
- Configuration manual (412 pages) ,
- Configuration manuals (259 pages)
Table of Contents
Advertisement
[SwitchA] ipsec transform-set tran1
[SwitchA-ipsec-transform-set-tran1] encapsulation-mode transport
[SwitchA-ipsec-transform-set-tran1] transform esp
[SwitchA-ipsec-transform-set-tran1] esp encryption-algorithm des
[SwitchA-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[SwitchA-ipsec-transform-set-tran1] quit
[SwitchA] ipsec policy policy001 10 manual
[SwitchA-ipsec-policy-manual-policy001-10] transform-set tran1
[SwitchA-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345
[SwitchA-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345
[SwitchA-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg
[SwitchA-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg
[SwitchA-ipsec-policy-manual-policy001-10] quit
# On Switch B, create an IPsec proposal named tran1, and set the encapsulation mode to
transport mode, the security protocol to ESP, the encryption algorithm to DES, and
authentication algorithm to SHA1. Create an IPsec policy named policy001, specify the
manual mode for it, reference IPsec proposal tran1, set the SPIs of the inbound and outbound
SAs to 12345, and the keys for the inbound and outbound SAs using ESP to abcdefg.
[SwitchB] ipsec transform-set tran1
[SwitchB-ipsec-transform-set-tran1] encapsulation-mode transport
[SwitchB-ipsec-transform-set-tran1] transform esp
[SwitchB-ipsec-transform-set-tran1] esp encryption-algorithm des
[SwitchB-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[SwitchB-ipsec-transform-set-tran1] quit
[SwitchB] ipsec policy policy001 10 manual
[SwitchB-ipsec-policy-manual-policy001-10] transform-set tran1
[SwitchB-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345
[SwitchB-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345
[SwitchB-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg
[SwitchB-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg
[SwitchB-ipsec-policy-manual-policy001-10] quit
# On Switch C, create an IPsec proposal named tran1, and set the encapsulation mode to
transport mode, the security protocol to ESP, the encryption algorithm to DES, and
authentication algorithm to SHA1. Create an IPsec policy named policy001, specify the
manual mode for it, reference IPsec proposal tran1, set the SPIs of the inbound and outbound
SAs to 12345, and the keys for the inbound and outbound SAs using ESP to abcdefg.
[SwitchC] ipsec transform-set tran1
[SwitchC-ipsec-transform-set-tran1] encapsulation-mode transport
[SwitchC-ipsec-transform-set-tran1] transform esp
[SwitchC-ipsec-transform-set-tran1] esp encryption-algorithm des
[SwitchC-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[SwitchC-ipsec-transform-set-tran1] quit
[SwitchC] ipsec policy policy001 10 manual
[SwitchC-ipsec-policy-manual-policy001-10] transform-set tran1
[SwitchC-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345
[SwitchC-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345
[SwitchC-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg
[SwitchC-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg
[SwitchC-ipsec-policy-manual-policy001-10] quit
Apply the IPsec policies in the RIPng process:
4.
266
Advertisement
Table of Contents
Troubleshooting
