Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

IKE-based IPsec tunnel on HP A3600-24-PoE+ v2 EI

pattap
Regular Advisor

IKE-based IPsec tunnel on HP A3600-24-PoE+ v2 EI

Hi All 

I'm tryinig to configure IKE based IPsec following official HP configuration guide. However my 3600's don't seem to like some of the commands;

The below is directly from the guide:

# Assign an IP address to VLAN-interface 1.

 [SwitchA] interface vlan-interface 1

[SwitchA-Vlan-interface1] ip address 2.2.2.1 255.255.255.0

[SwitchA-Vlan-interface1] quit

# Define an ACL to identify data flows from Switch A to Switch B.

[SwitchA] acl number 3101

[SwitchA-acl-adv-3101] rule 0 permit ip source 2.2.2.1 0 destination 2.2.3.1 0

[SwitchA-acl-adv-3101] rule 5 permit ip source 2.2.3.1 0 destination 2.2.2.1 0

[SwitchA-acl-adv-3101] quit # Create an IPsec proposal named tran1.

[SwitchA] ipsec proposal tran1 # Specify the encapsulation mode as tunnel.

[SwitchA-ipsec-proposal-tran1] encapsulation-mode tunnel

# Specify the security protocol as ESP.

[SwitchA-ipsec-proposal-tran1] transform esp

# Specify the algorithms for the proposal.

[SwitchA-ipsec-proposal-tran1] esp encryption-algorithm aes 128

[SwitchA-ipsec-proposal-tran1] esp authentication-algorithm sha1

[SwitchA-ipsec-proposal-tran1] quit

# Configure the IKE peer

[SwitchA] ike peer peer

[SwitchA-ike-peer-peer] pre-shared-key Ab12<><>

[SwitchA-ike-peer-peer] remote-address 2.2.3.1

[SwitchA-ike-peer-peer] quit

I get to the point where I suppose to configure IKE peer but there is no such commands available. 

Is there some sort of license restriction for these? 

software on the switches is Version 5.20.99, Release 2103

1 REPLY
wuwik
Member

Re: IKE-based IPsec tunnel on HP A3600-24-PoE+ v2 EI

Hi,
What You have in:
[SwitchA-ipsec-proposal-tran1] display version  ??