R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101
• A permanent tunnel is established between each hub-spoke pair.
Figure 329 Network diagram
Device            Interface  IP address        Device   Interface  IP address
Hub 1             GE0/2      192.168.1.1/24    Spoke 1  Eth1/1     192.168.1.3/24
Hub 1             Tunnel1    10.0.1.1/24       Spoke 1  Eth1/2     10.0.2.1/24
Hub 2             GE0/2      192.168.1.2/24    Spoke 1  Tunnel1    10.0.1.3/24
Hub 2             Tunnel1    10.0.1.2/24       Spoke 2  Eth1/1     192.168.1.4/24
Primary server    Eth1/1     192.168.1.22/24   Spoke 2  Eth1/2     10.0.3.1/24
Secondary server  Eth1/1     192.168.1.33/24   Spoke 2  Tunnel1    10.0.1.4/24
AAA server        -          192.168.1.11/24
Configure the primary VAM server
1. Configure IP addresses for the interfaces. (Details not shown.)
2. Configure AAA:
<PrimaryServer> system-view
# Configure RADIUS scheme radsun.
[PrimaryServer] radius scheme radsun
[PrimaryServer-radius-radsun] primary authentication 192.168.1.11 1812
[PrimaryServer-radius-radsun] primary accounting 192.168.1.11 1813
[PrimaryServer-radius-radsun] key authentication expert
[PrimaryServer-radius-radsun] key accounting expert
[PrimaryServer-radius-radsun] server-type standard
[PrimaryServer-radius-radsun] user-name-format with-domain
[PrimaryServer-radius-radsun] quit
# Configure the AAA methods for the ISP domain domain1.
[PrimaryServer] domain domain1
[PrimaryServer-isp-domain1] authentication dvpn radius-scheme radsun
[PrimaryServer-isp-domain1] authorization dvpn radius-scheme radsun