R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101
187
Task Command
Remarks
Display IPsec policy
template information.
display ipsec policy-template [ brief | name
template-name [ seq-number ] ] [ | { begin | exclude |
include } regular-expression ]
Available in any
view
Display the configuration of
IPsec profiles.
display ipsec profile [ name profile-name ] [ | { begin |
exclude | include } regular-expression ]
Available in any
view
Display IPsec proposal
information.
display ipsec proposal [ proposal-name ] [ | { begin |
exclude | include } regular-expression ]
Available in any
view
Display IPsec SA
information.
display ipsec sa [ brief | policy policy-name
[ seq-number ] | remote ip-address ] [ | { begin | exclude
| include } regular-expression ]
Available in any
view
Display IPsec packet
statistics.
display ipsec statistics [ tunnel-id integer ] [ | { begin |
exclude | include } regular-expression ]
Available in any
view
Display IPsec tunnel
information.
display ipsec tunnel [ | { begin | exclude | include }
regular-expression ]
Available in any
view
Clear SAs.
reset ipsec sa [ parameters dest-address protocol spi |
policy policy-name [ seq-number ] | remote ip-address ]
Available in user
view
Clear IPsec statistics. reset ipsec statistics
Available in user
view
IPsec configuration examples
Manual mode IPsec tunnel for IPv4 packets configuration
example in the web interface
Network requirements
As shown in Figure 120, configure an IPsec tunnel between Device A and Device B to protect traffic
between subnet 10.1.1.0/24 and subnet 10.1.2.0/24. Configure the tunnel to use the security protocol
ESP, the encryption algorithm DES, and the authentication algorithm SHA-1. Enable IPsec RRI on Device
A and specify the next hop as 2.2.2.2.
Figure 120 Network diagram
Configuring Device A
# Assign IP addresses for the interfaces and then add them to target zones. (Details not shown.)