Configuring Ipsec For Ipv6 Routing Protocols - HPE FlexNetwork MSR Series Configuration Manual

Step
753. Enter IPsec policy view or
IPsec policy template view.
754. Enable IPsec RRI.
755. Optional.) Set the preference
value for the static routes
created by IPsec RRI.
756. (Optional.) Set the tag value
for the static routes created
by IPsec RRI.

Configuring IPsec for IPv6 routing protocols

Configuration task list
Complete the following tasks to configure IPsec for IPv6 routing protocols:
Tasks at a glance
(Required.)
(Required.)
(Required.) Applying the IPsec profile to an IPv6 routing protocol (see Layer 3—IP Routing Configuration
Guide)
(Optional.) Enabling logging of IPsec packets
(Optional.) Configuring SNMP notifications for IPsec
(Optional.) Setting the maximum number of IPsec tunnels
(Optional.) Enabling logging of IPsec packets
Configuring a manual IPsec profile
A manual IPsec profile is similar to a manual IPsec policy. The difference is that an IPsec profile is
uniquely identified by a name and it does not support ACL configuration. A manual IPsec profile
specifies the IPsec transform set used for protecting data flows, and the SPIs and keys used by the
SAs.
When you configure a manual IPsec profile, make sure the IPsec profile configuration at both tunnel
ends meets the following requirements:
Configuring an IPsec transform set
Configuring a manual IPsec profile
Command
•
To enter IPsec policy view:
ipsec { policy | ipv6-policy }
policy-name
isakmp
•
To enter IPsec policy template
view:
ipsec { policy-template
ipv6-policy-template
template-name seq-number
reverse-route dynamic
reverse-route preference number
reverse-route tag tag-value
363
Remarks
seq-number
N/A
|
}
By default,
disabled.
IPsec RRI is supported in both
tunnel mode and transport
mode.
The default value is 60.
The default value is 0.
IPsec RRI is