
 View Only
  • 1.  Help with IPSEC Tunnel between COMWARE5 and COMWARE7

    Posted Aug 02, 2019 03:41 AM

    Hi there, can anyone provide me an example configuration to create an IPSEC tunnel between an HP5500EI(COMWARE5) and a HP5510(COMWARE7)?

    Even a basic setup for both ends would help to allow me to then tweak it, i have not created an IPSEC tunnel before on HP and am struggling to find anything anywhere to show an example configuration for the above setup.

    Kind Regards




  • 2.  RE: Help with IPSEC Tunnel between COMWARE5 and COMWARE7

    Posted Aug 02, 2019 04:39 AM


    Since VPN like IPSec is usually done with proper Routers and not Routing Switches, most of the helpful configuration example documents are written using VSR/MSR Routers. However the process should be very similar.

    Comware Routers with IPSec VPN Tech Note:

    IPSec with VSR Routers:

    If you have issues with the commands in Comware 5/7 please check the respective Security Configuration and Security Command guides for your devices. Official docs can be found via

  • 3.  RE: Help with IPSEC Tunnel between COMWARE5 and COMWARE7

    Posted Aug 02, 2019 05:08 AM

    Hi Justin, 

    Many thanks for that quick reply, i am starting to wonder if we are perhaps missing something on our HP5500(EI's and HI's) that are COMWARE5, the setup you linked to below is pretty much what i followed for our 5510 side of things on COMWARE7 but our 5500's do not appear to have any IKE commands at all. 

    Was there perhaps a different firmware that could be downloaded onto 5500's which was not default which brings in more advanced commands?

    I have my 5510 setup as per the attached advice, it is really the 5500HI or EI side i am just failing badly on.

    Kind Regards


  • 4.  RE: Help with IPSEC Tunnel between COMWARE5 and COMWARE7

    Posted Aug 02, 2019 05:25 AM


    Sorry to hear that, it sounds like the 5500s may not support IPSec. They are End of Sale for quite some time now, so new features cannot be added.

    Here are two sample 5500s download pages:

    One has its last release in 2014, and the other in 2017. So if you are running the latest release for your device (based on PN like JD377A), and it does not support IPSec-related commands, then you should consider upgrading to a newer model (like your 5510) that does.