HP VPN Firewall Appliances Network Management Configuration Guide
341
Figure 242 Network diagram
Device Interface IP address
Device
Interface
IP address
Firewall A GE 1/1 12.1.1.1/24 Firewall B GE 1/1 12.1.1.2/24
GE 1/2 10.1.1.102/24
GE 1/2
13.1.1.1/24
Router GE 1/1 10.1.1.100/24
GE 1/2 13.1.1.2/24
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure static routes and BFD:
# Configure static routes on Firewall A and enable BFD control mode for the static route that
traverses the Layer 2 switch.
<FirewallA> system-view
[FirewallA] interface gigabitethernet 1/1
[FirewallA-GigabitEthernet1/1] bfd min-transmit-interval 500
[FirewallA-GigabitEthernet1/1] bfd min-receive-interval 500
[FirewallA-GigabitEthernet1/1] bfd detect-multiplier 9
[FirewallA-GigabitEthernet1/1] quit
[FirewallA] ip route-static 120.1.1.0 24 gigabitethernet 1/1 12.1.1.2 bfd
control-packet
[FirewallA] ip route-static 120.1.1.0 24 gigabitethernet 1/2 10.1.1.100 preference
65
[FirewallA] quit
# Configure static routes on Firewall B and enable BFD control mode for the static route that
traverses the Layer 2 switch.
<FirewallB> system-view
[FirewallB] interface gigabitethernet 1/1
[FirewallB-GigabitEthernet1/1] bfd min-transmit-interval 500
[FirewallB-GigabitEthernet1/1] bfd min-receive-interval 500
[FirewallB-GigabitEthernet1/1] bfd detect-multiplier 9
[FirewallB-GigabitEthernet1/1] quit
[FirewallB] ip route-static 121.1.1.0 24 gigabitethernet 1/1 12.1.1.1 bfd
control-packet
[FirewallB] ip route-static 121.1.1.0 24 gigabitethernet 1/2 13.1.1.2 preference 65
[FirewallB] quit
# Configure static routes on Router.
<Router> system-view
[Router] ip route-static 120.1.1.0 24 gigabitethernet 1/2 13.1.1.1