Hello, I need to configure ipsec ikev2 site to site between cisco csr 1000v and hpe vsr1000
cisco config
crypto ikev2 keyring HPE
peer HPE
address xxx.xxx.xxx.132
identity address yyy.yyy.yyy.111
pre-shared-key local Cisco-Pass
pre-shared-key remote HPE-Pass
crypto ikev2 proposal HPE
encryption aes-cbc-128
integrity sha256
group 14
crypto ikev2 policy HPE
match address local yyy.yyy.yyy.111
proposal HPE
crypto ikev2 profile HPE
match identity remote address xxx.xxx.xxx.132 255.255.255.255
identity local address yyy.yyy.yyy.111
authentication remote pre-share
authentication local pre-share
keyring local HPE
crypto ipsec profile HPE
set ikev2-profile HPE
interface Tunnel5
ip address 10.10.10.2 255.255.255.252
tunnel source GigabitEthernet4
tunnel mode ipsec ipv4
tunnel destination xxx.xxx.xxx.132
tunnel protection ipsec profile HPE
end
hpe config
ikev2 keychain CSR
peer CSR
address yyy.yyy.yyy.111 255.255.255.255
identity address xxx.xxx.xxx.132
pre-shared-key local pl HPE-Pass
pre-shared-key remote pl Cisco-Pass
ikev2 proposal CSR
encryption aes-cbc-128
integrity sha256
dh group14
ikev2 policy CSR
proposal CSR
match local address xxx.xxx.xxx.132
ikev2 profile CSR
authentication-method local pre-share
authentication-method remote pre-share
keychain CSR
match remote identity address yyy.yyy.yyy.111 255.255.255.25
interface Tunnel5 mode ipv4-ipv4
ip address 10.10.10.1 255.255.255.252
source GigabitEthernet4/0
destination yyy.yyy.yyy.111
ipsec apply policy CSR
I do something wrong, I ask for help
#vsr1000vti