Manualshelf

R0106-HP MSR Router Series Layer 3 - IP Services Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router
341342343344345346347348349350
334
[Spoke1] vam client name Spoke1
# Specify ADVPN domain abc for the VAM client.
[Spoke1-vam-client-Spoke1] advpn-domain abc
# Configure a pre-shared key for the VAM client.
[Spoke1-vam-client-Spoke1] pre-shared-key simple 123456
# Set the username and password to spoke1.
[Spoke1-vam-client-Spoke1] user spoke1 password simple spoke1
# Specify the primary and secondary VAM servers.
[Spoke1-vam-client-Spoke1] server primary ip-address 1.0.0.11
[Spoke1-vam-client-Spoke1] server secondary ip-address 1.0.0.12
# Enable the VAM client.
[Spoke1-vam-client-Spoke1] client enable
[Spoke1-vam-client-Spoke1] quit
3. Configure the IPsec profile:
# Configure IKE.
[Spoke1] ike keychain abc
[Spoke1-ike-keychain-abc] pre-shared-key address 0.0.0.0 0.0.0.0 key simple 123456
[Spoke1-ike-keychain-abc] quit
[Spoke1] ike profile abc
[Spoke1-ike-profile-abc] keychain abc
[Spoke1-ike-profile-abc] quit
# Configure the IPsec profile.
[Spoke1] ipsec transform-set abc
[Spoke1-ipsec-transform-set-abc] encapsulation-mode transport
[Spoke1-ipsec-transform-set-abc] esp encryption-algorithm des-cbc
[Spoke1-ipsec-transform-set-abc] esp authentication-algorithm sha1
[Spoke1-ipsec-transform-set-abc] quit
[Spoke1] ipsec profile abc isakmp
[Spoke1-ipsec-profile-isakmp-abc] transform-set abc
[Spoke1-ipsec-profile-isakmp-abc] ike-profile abc
[Spoke1-ipsec-profile-isakmp-abc] quit
4. Configure OSPF to advertise the private networks.
[Spoke1] ospf 1
[Spoke1-ospf-1] area 0
[Spoke1-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[Spoke1-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[Spoke1-ospf-1-area-0.0.0.0] quit
[Spoke1-ospf-1] quit
5. Configure GRE-mode ADVPN tunnel interface tunnel1. Configure its DR priority as 0 so Spoke1
will not participate in DR/BDR election.
[Spoke1] interface tunnel1 mode advpn gre
[Spoke1-Tunnel1] ip address 192.168.0.3 255.255.255.0
[Spoke1-Tunnel1] vam client Spoke1
[Spoke1-Tunnel1] ospf network-type broadcast
[Spoke1-Tunnel1] ospf dr-priority 0
[Spoke1-Tunnel1] source gigabitethernet 1/0/1