4946| 85
|
H3C认证学习IPSEC实验手册 46页 H3C IPSEC配置手册-很具体很详细 |
H3C认证学习IPSEC实验手册 46页 H3C IPSEC配置手册-很具体很详细 1 IPSec配置.......................................................................................................................................... 1-1 1.1 IPSec简介......................................................................................................................................... 1-1 1.1.1 IPSec的实现........................................................................................................................... 1-1 1.1.2 IPSec基本概念........................................................................................................................ 1-2 1.1.3 加密卡..................................................................................................................................... 1-4 1.1.4 协议规范................................................................................................................................. 1-4 1.2 IPSec配置任务简介........................................................................................................................... 1-4 1.3 配置访问控制列表............................................................................................................................. 1-5 1.4 配置安全提议..................................................................................................................................... 1-5 1.5 配置安全策略..................................................................................................................................... 1-6 1.5.1 手工配置安全策略................................................................................................................... 1-6 1.5.2 配置IKE协商安全策略............................................................................................................. 1-7 1.6 在接口上应用安全策略组................................................................................................................ 1-10 1.7 在加密卡接口上绑定安全策略组或者安全策略................................................................................ 1-11 1.8 使能加密引擎功能........................................................................................................................... 1-11 1.9 使能主体软件备份功能.................................................................................................................... 1-12 1.10 配置会话空闲超时时间.................................................................................................................. 1-12 1.11 使能解封装后IPSec报文的ACL检查功能...................................................................................... 1-12 1.12 配置IPSec抗重放功能................................................................................................................... 1-13 1.13 配置共享源接口安全策略组........................................................................................................... 1-14 1.14 配置QoS预分类功能...................................................................................................................... 1-14 1.15 IPSec显示和维护........................................................................................................................... 1-15 1.16 IPSec典型配置举例....................................................................................................................... 1-15 1.16.1 采用手工方式建立IPSec安全隧道....................................................................................... 1-15 1.16.2 采用IKE方式建立IPSec安全隧道........................................................................................ 1-18 1.16.3 使用加密卡进行加/解密和认证............................................................................................ 1-20 1.16.4 配置IPSec接口备份............................................................................................................ 1-23 2 IKE配置............................................................................................................................................. 2-1 2.1 IKE简介............................................................................................................................................. 2-1 2.1.1 IKE的安全机制........................................................................................................................ 2-1 2.1.2 IKE的交换过程........................................................................................................................ 2-1 2.1.3 IKE在IPSec中的作用.............................................................................................................. 2-2 2.1.4 IPSec与IKE的关系.................................................................................................................. 2-2 2.2 IKE配置任务简介............................................................................................................................... 2-3 2.3 配置本端安全网关的名字.................................................................................................................. 2-3 2.4 配置IKE安全提议............................................................................................................................... 2-4 2.5 配置IKE对等体.................................................................................................................................. 2-5 2.6 配置Keepalive定时器........................................................................................................................ 2-6 2.7 配置NAT Keepalive定时器................................................................................................................ 2-7 2.8 配置对等体存活检测.......................................................................................................................... 2-7 2.9 配置取消对next payload域的检查..................................................................................................... 2-8 2.10 IKE显示和维护................................................................................................................................ 2-8 2.11 IKE典型配置举例............................................................................................................................. 2-8 2.11.1 IKE典型配置组网应用........................................................................................................... 2-8 2.11.2 IKE野蛮模式及NAT穿越的组网应用................................................................................... 2-10 2.11.3 ADSL与IPSec/IKE相结合的组网应用................................................................................. 2-12 2.12 常见错误配置举例......................................................................................................................... 2-15 2.12.1 非法用户身份信息............................................................................................................... 2-16 2.12.2 提议不匹配.......................................................................................................................... 2-16 2.12.3 无法建立安全隧道............................................................................................................... 2-16 2.12.4 ACL配置错误...................................................................................................................... 2-17
购买主题
已有 2 人购买
本主题需向作者支付 6 金币 才能浏览
| |
发表于 2014-3-19 11:55:49
|
显示全部楼层
| ||
发表于 2014-3-21 14:04:39
|
显示全部楼层
| ||
发表于 2014-3-22 01:18:09
|
显示全部楼层
| ||
发表于 2014-3-24 14:45:36
|
显示全部楼层
| ||
发表于 2014-4-28 13:38:36
|
显示全部楼层
| ||
发表于 2016-7-9 15:27:18
|
显示全部楼层
| ||
发表于 2016-8-10 08:49:06
|
显示全部楼层
| ||
发表于 2016-8-10 09:43:31
|
显示全部楼层
| ||
发表于 2016-8-12 00:14:49
|
显示全部楼层
| ||
上班打不起精神
|
||