Re: [vpp-dev] IPSec ESP Tunnel mode config

Wed, 24 Feb 2021 08:00:13 -0800 

Thank you Neale. Following set of commands worked.  I hope it is correct.

vpp# create ipip tunnel src 192.83.1.1 dst 192.83.1.2
ipip0
vpp# ipsec sa add 20 spi 1000 crypto-alg aes-gcm-256 crypto-key 
0123456789012345678901234567890101234567890123456789012345678901 salt 0x12345678
vpp# ipsec tunnel protect ipip0 sa-out 20

Foll. command didn't work:
ipsec sa add 20 spi 1000 esp crypto-alg aes-gcm-128 crypto-key 
4a506a794f574265564551694d653768 salt 0x12345678 tunnel src 192.83.1.1 dst 
192.83.1.2

Thanks
Govind

From: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> On Behalf Of Neale Ranns via 
lists.fd.io
Sent: Wednesday, February 24, 2021 9:20 AM
To: Govindarajan Mohandoss <govindarajan.mohand...@arm.com>; vpp-dev 
<vpp-dev@lists.fd.io>
Subject: Re: [vpp-dev] IPSec ESP Tunnel mode config

Dear Govind,

The tunnel parameters are parsed separately in recent versions. Try:

  ipsec sa add 20 spi 1000 esp crypto-alg aes-gcm-128 crypto-key 
4a506a794f574265564551694d653768 salt 0x12345678 tunnel src 192.83.1.1 dst 
192.83.1.2

/neale

From: vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io> 
<vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io>> on behalf of Govindarajan 
Mohandoss via lists.fd.io 
<Govindarajan.mohandoss=arm....@lists.fd.io<mailto:Govindarajan.mohandoss=arm....@lists.fd.io>>
Date: Wednesday, 24 February 2021 at 15:59
To: vpp-dev <vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io>>
Cc: nd <n...@arm.com<mailto:n...@arm.com>>, nd 
<n...@arm.com<mailto:n...@arm.com>>
Subject: [vpp-dev] IPSec ESP Tunnel mode config

Dear Maintainers,

   I need help to fix ESP Tunnel mode configuration using debug CLI.

   Following command is throwing parse error. Can you please share the latest 
CLI command ?



vpp# ipsec sa add 20 spi 1000 esp tunnel-src 192.83.1.1 tunnel-dst 192.83.1.2 
crypto-alg aes-gcm-128 crypto-key 4a506a794f574265564551694d653768 salt 
0x12345678

ipsec sa: parse error: '-src 192.83.1.1 tunnel-dst 192...'



Thanks

Govind

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#18797): https://lists.fd.io/g/vpp-dev/message/18797
Mute This Topic: https://lists.fd.io/mt/80878044/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to