R3303-HP HSR6800 Routers Layer 3 - IP Routing Configuration Guide
347
[RouterC-ipsec-policy-manual-policy002-10] sa spi inbound esp 54321
[RouterC-ipsec-policy-manual-policy002-10] sa string-key outbound esp gfedcba
[RouterC-ipsec-policy-manual-policy002-10] sa string-key inbound esp gfedcba
[RouterC-ipsec-policy-manual-policy002-10] quit
4. Apply the IPsec policies in areas:
# Configure Router A.
[RouterA] ospfv3 1
[RouterA-ospfv3-1] area 1
[RouterA-ospfv3-1-area-0.0.0.1] enable ipsec-policy policy001
[RouterA-ospfv3-1-area-0.0.0.1] quit
[RouterA-ospfv3-1] quit
# Configure Router B.
[RouterB] ospfv3 1
[RouterB-ospfv3-1] area 0
[RouterB-ospfv3-1-area-0.0.0.0] enable ipsec-policy policy002
[RouterB-ospfv3-1-area-0.0.0.0] quit
[RouterB-ospfv3-1] area 1
[RouterB-ospfv3-1-area-0.0.0.1] enable ipsec-policy policy001
[RouterB-ospfv3-1-area-0.0.0.1] quit
[RouterB-ospfv3-1] quit
# Configure Router C.
[RouterC] ospfv3 1
[RouterC-ospfv3-1] area 0
[RouterC-ospfv3-1-area-0.0.0.0] enable ipsec-policy policy002
[RouterC-ospfv3-1-area-0.0.0.0] quit
[RouterC-ospfv3-1] quit
5. Verify the configuration:
OSPFv3 packets between Routers A, B and C are protected by IPsec.
Troubleshooting OSPFv3 configuration
No OSPFv3 neighbor relationship established
Symptom
No OSPFv3 neighbor relationship can be established.
Analysis
If the physical link and lower protocol function correctly, check OSPFv3F parameters configured on
interfaces. The two neighboring interfaces must have the same parameters, such as the area ID, network
segment and mask, and network type. If the network type is broadcast, at least one interface must have
a DR priority higher than 0.
Solution
1. Display neighbor information using the display ospfv3 peer command.
2. Display OSPFv3 interface information using the display ospfv3 interface command.