Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
919293949596979899100
89
# Configure the destination address for interface Tunnel 1 (IP address of GigabitEthernet 0/2 of
Firewall B).
[FirewallA-Tunnel1] destination 3.1.1.1
[FirewallA-Tunnel1] quit
# Configure a static route destined for the IP network Group 2 through interface Tunnel 1.
[FirewallA] ip route-static 10.1.3.0 255.255.255.0 tunnel 1
Configure Firewall B:
# Configure an IPv4 address for GigabitEthernet 0/1.
<FirewallB> system-view
[FirewallB] interface gigabitethernet 0/1
[FirewallB-GigabitEthernet0/1] ip address 10.1.3.1 255.255.255.0
[FirewallB-GigabitEthernet0/1] quit
# Configure an IPv4 address for GigabitEthernet 0/2 (the physical interface of the tunnel).
[FirewallB] interface gigabitethernet 0/2
[FirewallB-GigabitEthernet0/2] ip address 3.1.1.1 255.255.255.0
[FirewallB-GigabitEthernet0/2] quit
# Create interface Tunnel 2.
[FirewallB] interface tunnel 2
# Configure an IPv4 address for interface Tunnel 2.
[FirewallB-Tunnel2] ip address 10.1.2.2 255.255.255.0
# Configure the tunnel encapsulation mode as IPv4 over IPv4.
[FirewallB-Tunnel2] tunnel-protocol ipv4-ipv4
# Configure the source address for interface Tunnel 2 (IP address of GigabitEthernet 0/2).
[FirewallB-Tunnel2] source 3.1.1.1
# Configure a destination address for interface Tunnel 2 (IP address of GigabitEthernet 0/2 of
Firewall A).
[FirewallB-Tunnel2] destination 2.1.1.1
[FirewallB-Tunnel2] quit
# Configure a static route destined for the IP network Group 1 through interface Tunnel 2.
[FirewallB] ip route-static 10.1.1.0 255.255.255.0 tunnel 2
388BVerifying the configuration
# Display the status of the tunnel interfaces on Firewall A and Firewall B, respectively.
[FirewallA] display interface tunnel 1
Tunnel1 current state: UP
Line protocol current state: UP
Description: Tunnel1 Interface
The Maximum Transmit Unit is 64000
Internet Address is 10.1.2.1/24 Primary
Encapsulation is TUNNEL, service-loopback-group ID not set
Tunnel source 2.1.1.1, destination 3.1.1.1
Tunnel protocol/transport IP/IP
Output queue : (Urgent queuing : Size/Length/Discards) 0/100/0
Output queue : (Protocol queuing : Size/Length/Discards) 0/500/0
Output queue : (FIFO queuing : Size/Length/Discards) 0/75/0
Last 300 seconds input: 0 bytes/sec, 0 packets/sec