Basic NGE configuration overview

About this task

This procedure configures NGE for an MPLS service or router interface.

Procedure

  1. Configure the group encryption label. The label must be unique, and the same label must be used on all nodes in the network group.
  2. Create a key group, duplicating this configuration on all nodes participating in this key group.
    1. Configure the encryption and authentication algorithms for the group.
    2. Configure a security association (SA) that contains the encryption and authentication keys.
    3. Configure the active outbound SA for the group.
  3. Select the SDPs, VPRN services, or router interfaces that require encryption.
    1. For each SDP, VPRN service, or router interface, configure the outbound direction key group.
    2. For each SDP, VPRN service, or router interface, configure the inbound direction key group.