With rapid development of mobile communication technology, a third generation mobile communication system has entered a Long Term Evolution (LTE) stage. Due to features such as large amount of telecommunication service data, a complicated network structure, and all-IP based LTE, IP Security (IPSec) technology strengthened data service protection is recommended in 3GPP.
An LTE wireless network includes a huge number of base stations or eNBs (eNodeB, evoluted Node B), where a number of inter-eNB X2 links (with X2 being an inter-eNB interface) increases exponentially with the number of eNBs. With a scale of N eNBs, there may be N*(N−1) pieces of configuration data for inter-eNB X2 SCTP establishment. In implementing inter-eNB X2 link IPSec protection, which involves a Diffie-Hellman (DH) group, an authentication algorithm, and an encryption algorithm in negotiation IPSec tunnel establishment, the number of pieces of configuration data multiplies on the basis of N*(N−1). Therefore, manual X2 IPSec tunnel configuration is very time-consuming, and is error-prone due to a large number of parameters. Improper parameter configuration may lead to a service-impacting failure in inter-eNB X2 link establishment.