- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- Help with IPSEC Tunnel between COMWARE5 and COMWAR...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-02-2019 12:41 AM
тАО08-02-2019 12:41 AM
Help with IPSEC Tunnel between COMWARE5 and COMWARE7
Hi there, can anyone provide me an example configuration to create an IPSEC tunnel between an HP5500EI(COMWARE5) and a HP5510(COMWARE7)?
Even a basic setup for both ends would help to allow me to then tweak it, i have not created an IPSEC tunnel before on HP and am struggling to find anything anywhere to show an example configuration for the above setup.
Kind Regards
Barry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-02-2019 01:38 AM
тАО08-02-2019 01:38 AM
Re: Help with IPSEC Tunnel between COMWARE5 and COMWARE7
Hello,
Since VPN like IPSec is usually done with proper Routers and not Routing Switches, most of the helpful configuration example documents are written using VSR/MSR Routers. However the process should be very similar.
Comware Routers with IPSec VPN Tech Note: https://community.hpe.com/t5/WAN-Routing/RWL-Tech-Note-Comware-Routers-with-IPsec-VPN/td-p/7013435#.XUP1bugzaUk
IPSec with VSR Routers: https://www.vcloudnine.de/hp-vsr1000-how-to-configure-a-ipsec-tunnel/
If you have issues with the commands in Comware 5/7 please check the respective Security Configuration and Security Command guides for your devices. Official docs can be found via https://h10145.www1.hpe.com/support/SupportLookUp.aspx
Justin
Working @ HPE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-02-2019 02:08 AM
тАО08-02-2019 02:08 AM
Re: Help with IPSEC Tunnel between COMWARE5 and COMWARE7
Hi Justin,
Many thanks for that quick reply, i am starting to wonder if we are perhaps missing something on our HP5500(EI's and HI's) that are COMWARE5, the setup you linked to below is pretty much what i followed for our 5510 side of things on COMWARE7 but our 5500's do not appear to have any IKE commands at all.
Was there perhaps a different firmware that could be downloaded onto 5500's which was not default which brings in more advanced commands?
I have my 5510 setup as per the attached advice, it is really the 5500HI or EI side i am just failing badly on.
Kind Regards
Barry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-02-2019 02:25 AM
тАО08-02-2019 02:25 AM
Re: Help with IPSEC Tunnel between COMWARE5 and COMWARE7
Hello,
Sorry to hear that, it sounds like the 5500s may not support IPSec. They are End of Sale for quite some time now, so new features cannot be added.
Here are two sample 5500s download pages:
https://h10145.www1.hpe.com/downloads/SoftwareReleases.aspx?ProductNumber=JE094A
https://h10145.www1.hpe.com/downloads/SoftwareReleases.aspx?ProductNumber=JD377A
One has its last release in 2014, and the other in 2017. So if you are running the latest release for your device (based on PN like JD377A), and it does not support IPSec-related commands, then you should consider upgrading to a newer model (like your 5510) that does.
Justin
Working @ HPE