Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Network Management Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
811812813814815816817818819820
Table Of Contents
792
[FirewallC-ipsec-policy-manual-policy002-10] quit
5. Apply IPsec policies to iBGP peers.
# Configure Firewall A.
[FirewallA] bgp 65008
[FirewallA-bgp] ipv6-family
[FirewallA-bgp-af-ipv6] peer 1::2 ipsec-policy policy001
[FirewallA-bgp-af-ipv6] quit
[FirewallA-bgp] quit
# Configure Firewall B.
[FirewallB] bgp 65008
[FirewallB-bgp] ipv6-family
[FirewallB-bgp-af-ipv6] peer 1::1 ipsec-policy policy001
[FirewallB-bgp-af-ipv6] quit
[FirewallB-bgp] quit
6. Apply IPsec policies to EBGP peers.
# Configure Firewall C.
[FirewallC] bgp 65009
[FirewallC-bgp] ipv6-family
[FirewallC-bgp-af-ipv6] peer ebgp ipsec-policy policy002
[FirewallC-bgp-af-ipv6] quit
[FirewallC-bgp] quit
# Configure Firewall B.
[FirewallB] bgp 65008
[FirewallB-bgp] ipv6-family
[FirewallB-bgp-af-ipv6] peer ebgp ipsec-policy policy002
[FirewallB-bgp-af-ipv6] quit
[FirewallB-bgp] quit
7. Verify the configuration.
# Display detailed IPv6 BGP peer information.
[FirewallB] display bgp ipv6 peer verbose
BGP Peer is 1::1, remote AS 65008,
Type: IBGP link
BGP version 4, remote router ID 1.1.1.1
BGP current state: Established, Up for 00h01m51s
BGP current event: RecvKeepalive
BGP last state: OpenConfirm
Port: Local – 1029 Remote - 179
Configured: Active Hold Time: 180 sec Keepalive Time: 60 sec
Received : Active Hold Time: 180 sec
Negotiated: Active Hold Time: 180 sec
Peer optional capabilities:
Peer support bgp multi-protocol extended
Peer support bgp route refresh capability
Address family IPv4 Unicast: advertised and received
Received: Total 0 messages, Update messages 0
Sent: Total 0 messages, Update messages 0