[RouterB] ipsec transform-set tran1
[RouterB-ipsec-transform-set-tran1] encapsulation-mode transport
[RouterB-ipsec-transform-set-tran1] transform esp
[RouterB-ipsec-transform-set-tran1] esp encryption-algorithm des
[RouterB-ipsec-transform-set-tran1] esp authentication-algorithm sha1
[RouterB-ipsec-transform-set-tran1] quit
[RouterB] ipsec policy policy001 10 manual
[RouterB-ipsec-policy-manual-policy001-10] transform-set tran1
[RouterB-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345
[RouterB-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345
[RouterB-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg
[RouterB-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg
[RouterB-ipsec-policy-manual-policy001-10] quit
[RouterB] ipsec transform-set tran2
[RouterB-ipsec-transform-set-tran2] encapsulation-mode transport
[RouterB-ipsec-transform-set-tran2] transform esp
[RouterB-ipsec-transform-set-tran2] esp encryption-algorithm des
[RouterB-ipsec-transform-set-tran2] esp authentication-algorithm sha1
[RouterB-ipsec-transform-set-tran2] quit
[RouterB] ipsec policy policy002 10 manual
[RouterB-ipsec-policy-manual-policy002-10] transform-set tran2
[RouterB-ipsec-policy-manual-policy002-10] sa spi outbound esp 54321
[RouterB-ipsec-policy-manual-policy002-10] sa spi inbound esp 54321
[RouterB-ipsec-policy-manual-policy002-10] sa string-key outbound esp gfedcba
[RouterB-ipsec-policy-manual-policy002-10] sa string-key inbound esp gfedcba
[RouterB-ipsec-policy-manual-policy002-10] quit
# On Router C, create an IPsec proposal named tran2, and set the encapsulation mode to
transport mode, the security protocol to ESP, the encryption algorithm to DES, and
authentication algorithm to SHA1. Create an IPsec policy named policy002, specify the
manual mode for it, reference IPsec proposal tran2, set the SPIs of the inbound and outbound
SAs to 54321, and the keys for the inbound and outbound SAs using ESP to gfedcba.
[RouterC] ipsec transform-set tran2
[RouterC-ipsec-transform-set-tran2] encapsulation-mode transport
[RouterC-ipsec-transform-set-tran2] transform esp
[RouterC-ipsec-transform-set-tran2] esp encryption-algorithm des
[RouterC-ipsec-transform-set-tran2] esp authentication-algorithm sha1
[RouterC-ipsec-transform-set-tran2] quit
[RouterC] ipsec policy policy002 10 manual
[RouterC-ipsec-policy-manual-policy002-10] transform-set tran2
[RouterC-ipsec-policy-manual-policy002-10] sa spi outbound esp 54321
[RouterC-ipsec-policy-manual-policy002-10] sa spi inbound esp 54321
[RouterC-ipsec-policy-manual-policy002-10] sa string-key outbound esp gfedcba
[RouterC-ipsec-policy-manual-policy002-10] sa string-key inbound esp gfedcba
[RouterC-ipsec-policy-manual-policy002-10] quit
Apply the IPsec policies in areas:
4.
# Configure Router A.
[RouterA] ospfv3 1
[RouterA-ospfv3-1] area 1
[RouterA-ospfv3-1-area-0.0.0.1] enable ipsec-policy policy001
334