H3C Technologies H3C S5560 Series Switches User Manual

Page 425

Advertising
background image

409

# Create an IPsec transform set named trans.

[SwitchA] ipsec transform-set trans

# Specify the encapsulation mode as transport.

[SwitchA-ipsec-transform-set-trans] encapsulation-mode transport

# Specify the ESP encryption and authentication algorithms.

[SwitchA-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc

[SwitchA-ipsec-transform-set-trans] esp authentication-algorithm md5

# Specify the AH authentication algorithm.

[SwitchA-ipsec-transform-set-trans] ah authentication-algorithm md5

[SwitchA-ipsec-transform-set-trans] quit

# Create a manual IPsec profile named profile001.

[SwitchA] ipsec profile profile001 manual

# Reference IPsec transform set trans.

[SwitchA-ipsec-profile-profile001-manual] transform-set trans

# Configure the inbound and outbound SPIs for AH.

[SwitchA-ipsec-profile-profile001-manual] sa spi inbound ah 111111111

[SwitchA-ipsec-profile-profile001-manual] sa spi outbound ah 111111111

# Configure the inbound and outbound SPIs for ESP.

[SwitchA-ipsec-profile-profile001-manual] sa spi inbound esp 200000

[SwitchA-ipsec-profile-profile001-manual] sa spi outbound esp 200000

# Configure the inbound and outbound SA keys for AH.

[SwitchA-ipsec-profile-profile001-manual] sa string-key inbound ah simple abc

[SwitchA-ipsec-profile-profile001-manual] sa string-key outbound ah simple abc

# Configure the inbound and outbound SA keys for ESP.

[SwitchA-ipsec-profile-profile001-manual] sa string-key inbound esp simple 123

[SwitchA-ipsec-profile-profile001-manual] sa string-key outbound esp simple 123

[SwitchA-ipsec-profile-profile001-manual] quit

{

On Switch B:
# Create an IPsec transform set named trans.

[SwitchB] ipsec transform-set trans

# Specify the encapsulation mode as transport.

[SwitchB-ipsec-transform-set-trans] encapsulation-mode transport

# Specify the ESP encryption and authentication algorithms.

[SwitchB-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc

[SwitchB-ipsec-transform-set-trans] esp authentication-algorithm md5

# Specify the AH authentication algorithm.

[SwitchB-ipsec-transform-set-trans] ah authentication-algorithm md5

[SwitchB-ipsec-transform-set-trans] quit

# Create a manual IPsec profile named profile001.

[SwitchB] ipsec profile profile001 manual

# Reference IPsec transform set trans.

[SwitchB-ipsec-profile-profile001-manual] transform-set trans

# Configure the inbound and outbound SPIs for AH.

[SwitchB-ipsec-profile-profile001-manual] sa spi inbound ah 111111111

[SwitchB-ipsec-profile-profile001-manual] sa spi outbound ah 111111111

Advertising
This manual is related to the following products:

H3C S5130 Series Switches, H3C S5120 Series Switches

Popular Brands
Popular manuals