H3C Technologies H3C S5560 Series Switches User Manual

Page 339

Advertising
background image

323

# Set the SPIs of the inbound and outbound SAs to 12345.

[SwitchB-ipsec-profile-policy001-manual] sa spi outbound esp 12345

[SwitchB-ipsec-profile-policy001-manual] sa spi inbound esp 12345

# Set the keys for the inbound and outbound SAs using ESP to abcdefg.

[SwitchB-ipsec-profile-policy001-manual] sa string-key outbound esp simple abcdefg

[SwitchB-ipsec-profile-policy001-manual] sa string-key inbound esp simple abcdefg

[SwitchB-ipsec-profile-policy001-manual] quit

# Create an IPsec transform set named tran2.

[SwitchB] ipsec transform-set tran2

# Set the encapsulation mode to transport mode.

[SwitchB-ipsec-transform-set-tran2] encapsulation-mode transport

# Set the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm

to SHA1.

[SwitchB-ipsec-transform-set-tran2] esp encryption-algorithm des

[SwitchB-ipsec-transform-set-tran2] esp authentication-algorithm sha1

[SwitchB-ipsec-transform-set-tran2] quit

# Create IPsec profile named policy002, and specify the manual mode for it.

[SwitchB] ipsec profile policy002 manual

# Reference IPsec transform set tran2.

[SwitchB-ipsec-profile-policy002-manual] transform-set tran2

# Set the SPIs of the inbound and outbound SAs to 54321.

[SwitchB-ipsec-profile-policy002-manual] sa spi outbound esp 54321

[SwitchB-ipsec-profile-policy002-manual] sa spi inbound esp 54321

# Set the keys for the inbound and outbound SAs using ESP to gfedcba.

[SwitchB-ipsec-profile-policy002-manual] sa string-key outbound esp simple gfedcba

[SwitchB-ipsec-profile-policy002-manual] sa string-key inbound esp simple gfedcba

[SwitchB-ipsec-profile-policy002-manual] quit

# On Switch C, create an IPsec transform set named tran2.

[SwitchC] ipsec transform-set tran2

# Set the encapsulation mode to transport mode.

[SwitchC-ipsec-transform-set-tran2] encapsulation-mode transport

# Set the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm
to SHA1.

[SwitchC-ipsec-transform-set-tran2] esp encryption-algorithm des

[SwitchC-ipsec-transform-set-tran2] esp authentication-algorithm sha1

[SwitchC-ipsec-transform-set-tran2] quit

# Create IPsec profile named policy002, and specify the manual mode for it.

[SwitchC] ipsec profile policy002 manual

# Reference IPsec transform set tran2.

[SwitchC-ipsec-profile-policy002-manual] transform-set tran2

# Set the SPIs of the inbound and outbound SAs to 54321.

[SwitchC-ipsec-profile-policy002-manual] sa spi outbound esp 54321

[SwitchC-ipsec-profile-policy002-manual] sa spi inbound esp 54321

# Set the keys for the inbound and outbound SAs using ESP to gfedcba.

[SwitchC-ipsec-profile-policy002-manual] sa string-key outbound esp simple gfedcba

Advertising
This manual is related to the following products:

H3C S5130 Series Switches, H3C S5120 Series Switches

Popular Brands
Popular manuals