Example for configuring ipsec for ripng, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual

32

[inbound ESP SAs]

spi: 1974923076 (0x75b6ef44)

proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5

sa duration (kilobytes/sec): 1843200/3600

sa remaining duration (kilobytes/sec): 1843199/3503

max received sequence-number: 5

anti-replay check enable: Y

anti-replay window size: 32

udp encapsulation used for nat traversal: N

[outbound ESP SAs]

spi: 2364632148 (0x8cf16c54)

proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5

sa duration (kilobytes/sec): 1843200/3600

sa remaining duration (kilobytes/sec): 1843199/3503

max sent sequence-number: 6

udp encapsulation used for nat traversal: N

On Device B, ping the IP address of the interface on Device A that connects to the branch.

[DeviceB] ping -a 192.168.1.1 172.17.17.1

PING 172.17.17.1: 56 data bytes, press CTRL_C to break

Reply from 172.17.17.1: bytes=56 Sequence=1 ttl=255 time=15 ms

Reply from 172.17.17.1: bytes=56 Sequence=2 ttl=255 time=10 ms

Reply from 172.17.17.1: bytes=56 Sequence=3 ttl=255 time=10 ms

Reply from 172.17.17.1: bytes=56 Sequence=4 ttl=255 time=5 ms

Reply from 172.17.17.1: bytes=56 Sequence=5 ttl=255 time=4 ms

--- 172.17.17.1 ping statistics ---

5 packet(s) transmitted

5 packet(s) received

0.00% packet loss

round-trip min/avg/max = 4/8/15 ms

Similarly, you can view the information on Device A. (Omitted)

Example for Configuring IPsec for RIPng

NOTE:

For RIPng, OSPFv3, and IPv6 BGP, IPsec is configured similarly. For detailed configuration, refer to

RIPng

Configuration, OSPFv3 Configuration and IPv6 BGP Configuration in IP Routing Volume.

Network requirements

As shown in

Figure 8

, Device B connects Device A and Device C. These Devices learn IPv6 routing

information through RIPng.

•

RIPng packets between two devices are transmitted through an IPsec tunnel.

•

The security protocol to be used is ESP, encryption algorithm is DES, and authentication algorithm
is SHA1-HMAC-96.