R3303-HP 6600/HSR6600 Routers Security Configuration Guide
289
-----------------------------
PFS: N, DH group: none
tunnel:
local address: 1.1.1.1
remote address: 1.1.1.2
flow :
sour addr: 0.0.0.0/0.0.0.0 port: 0 protocol: IP
dest addr: 0.0.0.0/0.0.0.0 port: 0 protocol: IP
[inbound ESP SAs]
spi: 0x75b6ef44 (1974923076)
transform: ESP-ENCRYPT-DES ESP-AUTH-MD5
in use setting: Tunnel
connection id: 15
sa duration (kilobytes/sec): 1843200/3600
sa remaining duration (kilobytes/sec): 1843199/3503
anti-replay detection: Enabled
anti-replay window size(counter based): 32
udp encapsulation used for nat traversal: N
[outbound ESP SAs]
spi: 0x8cf16c54(2364632148)
transform: ESP-ENCRYPT-DES ESP-AUTH-MD5
sa duration (kilobytes/sec): 1843200/3600
sa remaining duration (kilobytes/sec): 1843199/3503
anti-replay detection: Enabled
anti-replay window size(counter based) : 32
udp encapsulation used for nat traversal: N
# On Router B, ping the IP address of the interface on Router A that connects to the branch.
[RouterB] ping -a 192.168.1.1 172.17.17.1
PING 172.17.17.1: 56 data bytes, press CTRL_C to break
Reply from 172.17.17.1: bytes=56 Sequence=1 ttl=255 time=15 ms
Reply from 172.17.17.1: bytes=56 Sequence=2 ttl=255 time=10 ms
Reply from 172.17.17.1: bytes=56 Sequence=3 ttl=255 time=10 ms
Reply from 172.17.17.1: bytes=56 Sequence=4 ttl=255 time=5 ms
Reply from 172.17.17.1: bytes=56 Sequence=5 ttl=255 time=4 ms
--- 172.17.17.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 4/8/15 ms
Similarly, you can view the information on Router A. (Details not shown.)
Configuring IPsec for RIPng
The IPsec configuration procedures for protecting OSPFv3 and IPv6 BGP are similar. For more
information about RIPng, OSPFv3, and IPv6 BGP, see Layer 3—IP Routing Configuration Guide.