Re: [vpp-dev] IPSec ESP Tunnel mode config

Wed, 24 Feb 2021 08:00:13 -0800 

Thank you Neale. Following set of commands worked.  I hope it is correct.

vpp# create ipip tunnel src 192.83.1.1 dst 192.83.1.2
ipip0
vpp# ipsec sa add 20 spi 1000 crypto-alg aes-gcm-256 crypto-key 
0123456789012345678901234567890101234567890123456789012345678901 salt 0x12345678
vpp# ipsec tunnel protect ipip0 sa-out 20

Foll. command didn't work:
ipsec sa add 20 spi 1000 esp crypto-alg aes-gcm-128 crypto-key 
4a506a794f574265564551694d653768 salt 0x12345678 tunnel src 192.83.1.1 dst 
192.83.1.2

Thanks
Govind

From: [email protected] <[email protected]> On Behalf Of Neale Ranns via 
lists.fd.io
Sent: Wednesday, February 24, 2021 9:20 AM
To: Govindarajan Mohandoss <[email protected]>; vpp-dev 
<[email protected]>
Subject: Re: [vpp-dev] IPSec ESP Tunnel mode config

Dear Govind,

The tunnel parameters are parsed separately in recent versions. Try:

  ipsec sa add 20 spi 1000 esp crypto-alg aes-gcm-128 crypto-key 
4a506a794f574265564551694d653768 salt 0x12345678 tunnel src 192.83.1.1 dst 
192.83.1.2

/neale

From: [email protected]<mailto:[email protected]> 
<[email protected]<mailto:[email protected]>> on behalf of Govindarajan 
Mohandoss via lists.fd.io 
<[email protected]<mailto:[email protected]>>
Date: Wednesday, 24 February 2021 at 15:59
To: vpp-dev <[email protected]<mailto:[email protected]>>
Cc: nd <[email protected]<mailto:[email protected]>>, nd 
<[email protected]<mailto:[email protected]>>
Subject: [vpp-dev] IPSec ESP Tunnel mode config

Dear Maintainers,

   I need help to fix ESP Tunnel mode configuration using debug CLI.

   Following command is throwing parse error. Can you please share the latest 
CLI command ?



vpp# ipsec sa add 20 spi 1000 esp tunnel-src 192.83.1.1 tunnel-dst 192.83.1.2 
crypto-alg aes-gcm-128 crypto-key 4a506a794f574265564551694d653768 salt 
0x12345678

ipsec sa: parse error: '-src 192.83.1.1 tunnel-dst 192...'



Thanks

Govind

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#18797): https://lists.fd.io/g/vpp-dev/message/18797
Mute This Topic: https://lists.fd.io/mt/80878044/21656
Group Owner: [email protected]
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to