Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Network Management Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
831832833834835836837838839840
Table Of Contents
818
Figure 392 Network diagram
Configuration procedure
NOTE:
In this example, RIPng is configured to ensure the reachability among devices.
1. Configure Firewall A:
# Configure RIPng.
<FirewallA> system-view
[FirewallA] ipv6
[FirewallA] ripng 1
[FirewallA-ripng-1] quit
[FirewallA] interface gigabitethernet0/3
[FirewallA-GigabitEthernet0/3] ipv6 address 1::1 64
[FirewallA-GigabitEthernet0/3] ripng 1 enable
[FirewallA-GigabitEthernet0/3] quit
[FirewallA] interface gigabitethernet00/2
[FirewallA-GigabitEthernet0/2] ipv6 address 2::1 64
[FirewallA-GigabitEthernet0/2] ripng 1 enable
[FirewallA-GigabitEthernet0/2] quit
# Define ACL 3001 to match TCP packets.
[FirewallA] acl ipv6 number 3001
[FirewallA-acl6-adv-3001] rule permit tcp
[FirewallA-acl6-adv-3001] quit
# Define Node 5 of policy aaa, so that TCP packets are forwarded via GigabitEthernet 0/3.
[FirewallA] ipv6 policy-based-route aaa permit node 5
[FirewallA-pbr6-aaa-5] if-match acl6 3001
[FirewallA-pbr6-aaa-5] apply ipv6-address next-hop 1::2