R3166-R3206-HP High-End Firewalls VPN Configuration Guide-6PW101
53
• Select Deny from the Operation drop-down box.
• Click Apply.
# Configure a static route to Host A.
• Select Network > Routing Management > Static Routing from the navigation tree, and then click
Add.
• Type 10.1.1.0 as the destination IP address.
• Type 255.255.255.0 as the mask.
• Select GigabitEthernet 0/2 as the outbound interface.
• Click Apply.
# Configure an IPsec proposal named tran1.
• Select VPN > IPSec > Proposal from the navigation tree and then click Add.
• Select Custom mode from the IPSec Proposal Configuration Wizard page.
• Type tran1 as the name of the IPsec proposal.
• Select Tunnel as the packet encapsulation mode.
• Select ESP as the security protocol.
• Select SHA1 as the ESP authentication algorithm.
• Select DES as the ESP encryption algorithm.
• Click Apply.
# Configure the IKE peer.
• Select VPN > IKE > P
eer from the navigation tree and then click Add.
• Type peer as the peer name.
• Select Main as the negotiation mode.
• Select IP Address as the local ID type.
• Type 2.2.2.1 as the IP address of the remote gateway.
• Select Pre-Shared Key and type abcde as the pre-shared key.
• Click Apply.
# Configure an IPsec policy.
• Select VPN > IPSec > Policy from the navigation tree and then click Add.
• Type use1 as the policy name.
• Type 10 as the sequence number.
• Select the IKE peer of peer.
• Select the IPsec proposal of tran1 and click <<.
• Type 3101 as the ACL.
• Click Apply.
# Apply the IPsec policy.
• Select VPN > IPSec > IPSec Application from the navigation tree, and then click the icon of
interface GigabitEthernet 0/2.
• Select the policy of use1.
• Click Apply.