matches the packet already exists, then the router secures the packet with the
keys contained in the SA, inserts the associated SPI, and forwards the packet
to its destination.
Figure 8-3. How the ProCurve Secure Router Processes Crypto Maps

[Flowchart; only its text labels survive.]

Diagram elements: LAN, Router, Internet, VPN tunnel; crypto map VPN with entry 0 (ACL A) and entry 1 (ACL B); IKE policy 1 and IKE policy 2.

Step labels:
• Packet arrives on the VPN interface from LAN
• Router matches source and destination IP to ACL A
• Router looks for match in ACL B
• Router forwards packet, but not over the VPN tunnel
• Router searches for existing IPSec SA that matches this traffic
• Router: hashes and encrypts packet; inserts IPSec header; adds SPI and new IP header; forwards packet
• Router looks up initiate mode
• Router searches IKE policy 1 for the peer ID in the crypto map entry
• Router searches IKE policy 2
• IKE negotiates IPSec SA with peer
• Router discards packet

Branch labels: Match, No match, SA exists, SA does not exist, Initiate (main or aggressive), No initiate.

Virtual Private Networks
Configuring a VPN Using IPSec
8-21
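An added example, not taken from the ProCurve manual: a simplified Python model of the decision flow labelled in Figure 8-3, useful when working out why a packet is protected, triggers IKE, is dropped, or leaves the router unencrypted. The branch order (IKE policy search before the initiate-mode check, discard when no policy names the peer), the class and function names, and the addresses and SPI are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class MapEntry:                 # one numbered crypto map entry (hypothetical model)
    acl: list                   # [(source network, destination network)]
    peer: str                   # peer ID named in the entry

@dataclass
class IkePolicy:
    peers: set                  # peer IDs this policy applies to
    initiate: Optional[str]     # "main", "aggressive", or None (respond only)

@dataclass
class Router:
    crypto_map: list            # MapEntry objects, searched in order
    ike_policies: list          # IkePolicy objects, searched in order
    sad: dict = field(default_factory=dict)   # entry index -> SPI of a live SA

def acl_match(acl, src, dst):
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(s in ipaddress.ip_network(a) and d in ipaddress.ip_network(b)
               for a, b in acl)

def process(router, src, dst):
    """Return the verdict for a packet arriving from the LAN."""
    for idx, entry in enumerate(router.crypto_map):
        if not acl_match(entry.acl, src, dst):
            continue                            # no match: try the next entry's ACL
        if idx in router.sad:                   # SA exists: secure and forward
            return f"protect spi=0x{router.sad[idx]:08x}"
        for policy in router.ike_policies:      # SA missing: find the peer's IKE policy
            if entry.peer in policy.peers:
                if policy.initiate:
                    return f"negotiate {policy.initiate}"
                return "discard"                # respond-only policy: cannot initiate
        return "discard"                        # no IKE policy covers this peer
    return "forward-clear"                      # matched no ACL: sent outside the tunnel

# Constructed sample configuration (addresses and SPI are illustrative only).
ROUTER = Router(
    crypto_map=[MapEntry([("192.168.1.0/24", "192.168.2.0/24")], "203.0.113.10"),
                MapEntry([("192.168.1.0/24", "192.168.3.0/24")], "203.0.113.20")],
    ike_policies=[IkePolicy({"203.0.113.10"}, "main"),
                  IkePolicy({"203.0.113.20"}, None)],
    sad={0: 0x1001},
)
```

When auditing a configuration, the `forward-clear` verdict is the one to check first: traffic that matches no crypto map ACL is forwarded outside the VPN tunnel.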