EasyManuals Logo
Home>HP>Network Router>MSR SERIES

HP MSR SERIES Command Reference

HP MSR SERIES
684 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #357 background imageLoading...
Page #357 background image
343
Default
No encryption key is configured for manual IPsec SAs.
Views
IPsec policy view, IPsec profile view
Predefined user roles
network-admin
Parameters
inbound: Specifies a hexadecimal encryption key for inbound SAs.
outbound: Specifies a hexadecimal encryption key for outbound SAs.
esp: Uses ESP.
cipher key-value: Sets a ciphertext encryption key, a case-sensitive string of 1 to 117 characters.
simple key-value: Sets a plaintext encryption key. The key-value argument is case insensitive and must be
an 8-byte hexadecimal string for DES-CBC, a 24-byte hexadecimal string for 3DES-CBC, a 16-byte
hexadecimal string for AES128-CBC, a 24-byte hexadecimal string for AES192-CBC, and a 32-byte
hexadecimal string for AES256-CBC.
Usage guidelines
This command applies to only manual IPsec policies and IPsec profiles.
You must set an encryption key for both the inbound and outbound SAs.
The local inbound SA must use the same encryption key as the remote outbound SA, and the local
outbound SA must use the same encryption key as the remote inbound SA.
In an IPsec profile to be applied to an IPv6 routing protocol, the local encryption keys of the inbound and
outbound SAs must be identical.
If you configure a key in different formats (hexadecimal or character format), only the most recent
configuration takes effect.
The keys for the IPsec SAs at the two tunnel ends must be configured in the same format (either in
hexadecimal or character format). Otherwise, they cannot establish an IPsec tunnel.
For security purposes, all keys, including keys configured in plain text, are saved in cipher text.
Examples
# Configure plaintext encryption keys 0x1234567890abcdef and 0xabcdefabcdef1234 for the inbound
and outbound IPsec SAs that use ESP.
<Sysname> system-view
[Sysname] ipsec policy policy1 100 manual
[Sysname-ipsec-policy-manual-policy1-100] sa hex-key encryption inbound esp simple
1234567890abcdef
[Sysname-ipsec-policy-manual-policy1-100] sa hex-key encryption outbound esp simple
abcdefabcdef1234
Related commands
• display ipsec sa
• sa string-key

Table of Contents

Other manuals for HP MSR SERIES

Preview: Configuration Guide
Configuration Guide889 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP MSR SERIES and is the answer not in the manual?

HP MSR SERIES Specifications

General IconGeneral
BrandHP
ModelMSR SERIES
CategoryNetwork Router
LanguageEnglish

Related product manuals