3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

161

162

163

164

165

166

167

168

169

170

IPsec Configuration Example 169

[3Com-Vlan-interface30] ip address 30.0.0.1 24

[3Com-Vlan-interface30] quit

# Configure the static route.

[SW8800] ip route-static 0.0.0.0 0 30.0.0.254

# Configure aggregation of IPsec module interfaces (the module resides in slot 2).

[SW8800] secblade aggregation slot 2

# Create the secblade test.

[SW8800] secblade test

# Specify the SecBlade interface VLAN.

[3Com-secblade-test] secblade-interface vlan-interface 30

# Set the protected VLAN.

[3Com-secblade-test] security-vlan 50

# Map the IPsec module to the IPsec module of the specified slot.

[3Com-secblade-test] map to slot 2

[3Com-secblade-test] quit

[SW8800] quit

# Log into the IPsec module of the specified slot (Both user name and password

are secblade by default).

<SW8800> secblade slot 2

user: SecBlade

password: SecBlade

<secblade> system-view

# Create a sub-interface.

[secblade] interface GigabitEthernet 0/0.1

[secblade-GigabitEthernet0/0.1] vlan-type dot1q vid 30

[secblade-GigabitEthernet0/0.1] ip address 30.0.0.254 24

[secblade-GigabitEthernet0/0.1] quit

[secblade] interface GigabitEthernet 0/0.2

[secblade-GigabitEthernet0/0.2] vlan-type dot1q vid 50

[secblade-GigabitEthernet0/0.2] ip address 50.0.0.254 24

[secblade-GigabitEthernet0/0.2] quit

# Configure the ACL rule.

[secblade] acl number 3000

[secblade-acl-adv-3000] rule permit ip source 10.0.0.0 0.0.0.255

destination 20.0.0.0 0.0.0.255

[secblade-acl-adv-3000] quit

# Configure the IPSEC IKE.