Table of Contents
Advertisement
3Com Router 3000 Ethernet Family
Configuration Guide
[3Com-ike-peer-peer] remote-address 13.0.0.1
[3Com-ike-peer-peer] local-address 10.0.0.5
[3Com-ike-peer-peer] dpd dpd1
[3Com-ike-peer-peer] quit
# Create an IPSec policy, setting negotiation mode to ISAKMP.
[3Com] ipsec policy map1 10 isakmp
[3Com-ipsec-policy-isakmp-map1-10] proposal tran1
[3Com-ipsec-policy-isakmp-map1-10] security acl 3101
[3Com-ipsec-policy-isakmp-map1-10] ike-peer peer
[3Com-ipsec-policy-isakmp-map1-10] quit
# Apply a security policy group to the interface.
[3Com] interface ethernet 0/0/0
[3Com-Ethernet0/0/0] ipsec policy map1
[3Com-Ethernet0/0/0] quit
3)
Configure Router E
# Configure the data flow protected by IPSec.
[3Com] acl number 3101
[3Com-acl-adv-3101] rule 0 permit ip source 12.0.0.0 0.0.0.255 destination
11.0.0.0 0.0.0.255
[3Com-acl-adv-3101] rule deny ip source any destination any
[3Com-acl-adv-3101] quit
# Configure a static route to host A.
[3Com] ip route-static 0.0.0.0 0.0.0.0 13.0.0.4 preference 60
# Configure IPSec DPD.
[3Com] ike dpd dpd1
[3Com-ike-dpd-dpd1] interval_time 10
[3Com-ike-dpd-dpd1] time_out 5
[3Com-ike-dpd-dpd1] quit
# Create a security proposal named tran1 (the content is omitted).
[3Com] ipsec proposal tran1
# Configure an IKE peer.
[3Com] ike peer peer
[3Com-ike-peer-peer] pre-shared-key abcde
[3Com-ike-peer-peer] remote-address 10.0.0.5
[3Com-ike-peer-peer] local-address 13.0.0.1
[3Com-ike-peer-peer] dpd dpd1
[3Com-ike-peer-peer] quit
# Create a security policy, setting negotiation mode to ISAKMP.
3Com Corporation
7-43
Chapter 7 IPSec Configuration
Advertisement
Chapters
Table of Contents
Troubleshooting
