R0106-HP MSR Router Series Layer 3 - IP Routing Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

351

352

353

354

355

356

357

358

359

360

345

[RouterB-ipsec-transform-set-tran1] esp encryption-algorithm des

[RouterB-ipsec-transform-set-tran1] esp authentication-algorithm sha1

[RouterB-ipsec-transform-set-tran1] quit

# Create IPsec profile named policy001, and specify the manual mode for it.

[RouterB] ipsec profile policy001 manual

# Reference IPsec transform set tran1.

[RouterB-ipsec-profile-policy001-manual] transform-set tran1

# Set the SPIs of the inbound and outbound SAs to 12345.

[RouterB-ipsec-profile-policy001-manual] sa spi outbound esp 12345

[RouterB-ipsec-profile-policy001-manual] sa spi inbound esp 12345

# Set the keys for the inbound and outbound SAs using ESP to abcdefg.

[RouterB-ipsec-profile-policy001-manual] sa string-key outbound esp simple abcdefg

[RouterB-ipsec-profile-policy001-manual] sa string-key inbound esp simple abcdefg

[RouterB-ipsec-profile-policy001-manual] quit

# Create an IPsec transform set named tran2.

[RouterB] ipsec transform-set tran2

# Set the encapsulation mode to transport mode.

[RouterB-ipsec-transform-set-tran2] encapsulation-mode transport

# Set the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm

to SHA1.

[RouterB-ipsec-transform-set-tran2] esp encryption-algorithm des

[RouterB-ipsec-transform-set-tran2] esp authentication-algorithm sha1

[RouterB-ipsec-transform-set-tran2] quit

# Create IPsec profile named policy002, and specify the manual mode for it.

[RouterB] ipsec profile policy002 manual

# Reference IPsec transform set tran2.

[RouterB-ipsec-profile-policy002-manual] transform-set tran2

# Set the SPIs of the inbound and outbound SAs to 54321.

[RouterB-ipsec-profile-policy002-manual] sa spi outbound esp 54321

[RouterB-ipsec-profile-policy002-manual] sa spi inbound esp 54321

# Set the keys for the inbound and outbound SAs using ESP to gfedcba.

[RouterB-ipsec-profile-policy002-manual] sa string-key outbound esp simple gfedcba

[RouterB-ipsec-profile-policy002-manual] sa string-key inbound esp simple gfedcba

[RouterB-ipsec-profile-policy002-manual] quit

# On Router C, create an IPsec transform set named tran2.

[RouterC] ipsec transform-set tran2

# Set the encapsulation mode to transport mode.

[RouterC-ipsec-transform-set-tran2] encapsulation-mode transport

# Set the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm

to SHA1.

[RouterC-ipsec-transform-set-tran2] esp encryption-algorithm des

[RouterC-ipsec-transform-set-tran2] esp authentication-algorithm sha1

[RouterC-ipsec-transform-set-tran2] quit

# Create IPsec profile named policy002, and specify the manual mode for it.

[RouterC] ipsec profile policy002 manual