R0106-HP MSR Router Series Layer 3 - IP Routing Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

401

402

403

404

405

406

407

408

409

410

396

# Create a manual IPsec profile named profile001.

[RouterB] ipsec profile profile001 manual

# Reference IPsec transform set protrf1.

[RouterB-ipsec-profile-profile001-manual] transform-set protrf1

# Configure the inbound and outbound SPIs for ESP.

[RouterB-ipsec-profile-profile001-manual] sa spi inbound esp 256

[RouterB-ipsec-profile-profile001-manual] sa spi outbound esp 256

# Configure the inbound and outbound SA keys for ESP.

[RouterB-ipsec-profile-profile001-manual] sa string-key inbound esp simple abc

[RouterB-ipsec-profile-profile001-manual] sa string-key outbound esp simple abc

[RouterB-ipsec-profile-profile001-manual] quit

{ On Router C:

# Create an IPsec transform set named protrf1.

[RouterC] ipsec transform-set protrf1

# Specify the ESP encryption and authentication algorithms.

[RouterC-ipsec-transform-set-protrf1] esp encryption-algorithm 3des-cbc

[RouterC-ipsec-transform-set-protrf1] esp authentication-algorithm md5

# Specify the encapsulation mode as transport.

[RouterC-ipsec-transform-set-protrf1] encapsulation-mode transport

[RouterC-ipsec-transform-set-protrf1] quit

# Create a manual IPsec profile named profile001.

[RouterC] ipsec profile profile001 manual

# Reference IPsec transform set protrf1.

[RouterC-ipsec-profile-profile001-manual] transform-set protrf1

# Configure the inbound and outbound SPIs for ESP.

[RouterC-ipsec-profile-profile001-manual] sa spi inbound esp 256

[RouterC-ipsec-profile-profile001-manual] sa spi outbound esp 256

# Configure the inbound and outbound SA keys for ESP.

[RouterC-ipsec-profile-profile001-manual] sa string-key inbound esp simple abc

[RouterC-ipsec-profile-profile001-manual] sa string-key outbound esp simple abc

[RouterC-ipsec-profile-profile001-manual] quit

4. Apply the IPsec profiles to the RIPng process:

# Configure Router A.

[RouterA] ripng 1

[RouterA-ripng-1] enable ipsec-profile profile001

[RouterA-ripng-1] quit

# Configure Router B.

[RouterB] ripng 1

[RouterB-ripng-1] enable ipsec-profile profile001

[RouterB-ripng-1] quit

# Configure Router C.

[RouterC] ripng 1

[RouterC-ripng-1] enable ipsec-profile profile001

[RouterC-ripng-1] quit