IPsec configuration example, Network requirements, Configuring AC 1 – H3C Technologies H3C WX3000E Series Wireless Switches User Manual


Figure 919 Packet statistics

IPsec configuration example

Network requirements

As shown in Figure 641, an enterprise branch accesses the headquarters through IPsec VPN. Configure the IPsec VPN as follows:

Configure an IPsec tunnel between AC 1 and AC 1 to protect traffic between the headquarters
subnet 10.1.1.0/24 and the branch subnet 10.1.2.0/24.

Configure the tunnel to use the security protocol ESP, encryption algorithm DES, and authentication
algorithm SHA-1.

Enable IPsec RRI on AC 1, so AC 1 can automatically create a static route from the headquarters to
the branch when the IPsec SA is established. Specify the next hop as 2.2.2.2.

Figure 920 Network diagram

Configuring AC 1

1. Configure IP addresses for the interfaces, and assign the interfaces to target zones. (Details not shown.)

2. Define ACL 3101 to permit packets from subnet 10.1.1.0/24 to subnet 10.1.2.0/24:

[Figure 920 network diagram labels: Headquarters: Device A (GE0/1 2.2.2.1/24, GEth0/0 10.1.1.1/24), Host A 10.1.1.2/24; Internet; Branch: Device B (GE0/1 2.2.3.1/24, GE0/0 10.1.2.1/24), Host B 10.1.2.2/24]
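The scope of ACL 3101 and of the RRI route can be compared offline. The following is an added example, not taken from the H3C manual: it models the ACL 3101 selector and the RRI static route with the addresses given above and classifies flows seen at AC 1. The function names and the sample flows are constructed, and it assumes that traffic outside the ACL's permit rule is not handed to IPsec.

```python
import ipaddress as ip

# Values from the page: ACL 3101 selector and the RRI next hop on AC 1.
ACL_3101 = (ip.ip_network("10.1.1.0/24"), ip.ip_network("10.1.2.0/24"))
RRI_NEXT_HOP = ip.ip_address("2.2.2.2")


def selected(acl, src, dst):
    """True if (src, dst) matches the permit rule, i.e. IPsec protects the flow."""
    src_net, dst_net = acl
    return ip.ip_address(src) in src_net and ip.ip_address(dst) in dst_net


def mirror(acl):
    """Selector the peer needs so that return traffic is matched symmetrically."""
    return (acl[1], acl[0])


def rri_route(acl):
    """Static route RRI creates once the SA is up: selector destination via next hop."""
    return (acl[1], RRI_NEXT_HOP)


def classify(src, dst, acl=ACL_3101):
    """Label a flow seen at AC 1 by how the page's settings treat it."""
    route_net, _ = rri_route(acl)
    if selected(acl, src, dst):
        return "protected"
    if ip.ip_address(dst) in route_net:
        # Follows the RRI route toward the branch but is outside the selector.
        return "routed-not-protected"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample flows; 10.1.3.5 and 203.0.113.10 are illustrative only.
    flows = [("10.1.1.2", "10.1.2.2"), ("10.1.3.5", "10.1.2.2"),
             ("10.1.2.2", "10.1.1.2"), ("10.1.1.2", "203.0.113.10")]
    for src, dst in flows:
        print(f"{src} -> {dst}: {classify(src, dst)}")
```

A "routed-not-protected" result marks a source subnet that reaches the branch over the RRI route without matching ACL 3101, which is the case to review when more headquarters subnets are added.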
