Ipsec vpn configuration example, Network requirements, Configuring router a – H3C Technologies H3C MSR 50 User Manual

9

Field Description

Last Connection Error

The most recent error, if any. Possible values include:

•

ERROR_NONE—No error occurred.

•

ERROR_QM_FSM_ERROR—State machine error.

•

ERROR_PHASEI_FAIL—Error occurred in phase 1.

•

ERROR_PHASEI_PROPOSAL_UNMATCHED—No matching security proposal in

phase 1.

•

ERROR_PHASEII_PROPOSAL_UNMATCHED—No matching security proposal in

phase 2.

•

ERROR_NAT_TRAVERSAL_ERROR—NAT traversal error.

•

ERROR_PHASEII_FAIL—Error occurred in phase 2.

•

ERROR_INVALID_SPI—SPI error.

•

ERROR_UNKNOWN—Unknown error.

Table 160 Fields of the IPsec tunnel list

Field Description

Characteristics of Traffic

Characteristics of the IPsec protected traffic, including the source
address/wildcard, destination address/wildcard, protocol, source port, and

destination port.

SPI

Inbound and outbound SPIs, and the security protocols used.

IPsec VPN configuration example

Network requirements

As shown in

Figure 373

, configure an IPsec tunnel between Router A and Router B to protect traffic

between subnet 10.1.1.0/24 and subnet 10.1.2.0/24. Enable IPsec RRI on Router A and specify the next
hop as 2.2.2.2.

Figure 373 Network diagram

Configuring Router A

1.

Assign IP addresses to the interfaces. (Details not shown.)

2.

Configure an IPsec connection:

a.

Select VPN > IPsec VPN from the navigation tree.