R0106-HP MSR Router Series Layer 3 - IP Services Configuration Guide(V7)
391
Table 18 Interface and IP address assignment
Device Interface IP address
Device
Interface IP address
Hub 1 GE1/0/1 10.0.0.2/24 Spoke 1 GE1/0/1 10.0.0.2/24
Tunnel1 192.168.0.1/24 GE1/0/2 192.168.1.1/24
Hub 2 GE1/0/1 10.0.0.3/24 Tunnel1 192.168.0.3/24
Tunnel1 192.168.0.2/24 Spoke 2 GE1/0/1 10.0.0.2/24
NAT1 GE1/0/1 1.0.0.1/24 GE1/0/2 192.168.2.1/24
GE1/0/2 10.0.0.1/24 Tunnel1 192.168.0.4/24
NAT2 GE1/0/1 1.0.0.2/24 NAT4 GE1/0/1 1.0.0.4/24
GE1/0/2 10.0.0.1/24 GE1/0/2 10.0.0.1/24
NAT3 GE1/0/1 1.0.0.3/24 AAA server 10.0.0.2/24
GE1/0/2 10.0.0.1/24 Primary server GE1/0/1 10.0.0.3/24
Secondary server
GE1/0/1 10.0.0.4/24
Configuring the primary VAM server
1. Configure IP addresses for the interfaces. (Details not shown.)
2. Configure AAA:
# Configure RADIUS scheme abc.
<PrimaryServer> system-view
[PrimaryServer] radius scheme abc
[PrimaryServer-radius-abc] primary authentication 1.0.0.10 1812
[PrimaryServer-radius-abc] primary accounting 1.0.0.10 1813
[PrimaryServer-radius-abc] key authentication simple 123
[PrimaryServer-radius-abc] key accounting simple 123
[PrimaryServer-radius-abc] user-name-format without-domain
[PrimaryServer-radius-abc] quit
[PrimaryServer] radius session-control enable
# Configure AAA methods for the ISP domain abc.
[PrimaryServer] domain abc
[PrimaryServer-isp-abc] authentication advpn radius-scheme abc
[PrimaryServer-isp-abc] accounting advpn radius-scheme abc
[PrimaryServer-isp-abc] quit
[PrimaryServer] domain default enable abc
3. Configure the VAM server:
# Create ADVPN domain abc.
[PrimaryServer] vam server advpn-domain abc id 1
# Create hub group 0.
[PrimaryServer-vam-server-domain-abc] hub-group 0
# Configure hubs in hub group 0:
{ Hub1—The private address is 192.168.0.1, the public address is 1.0.0.1 (after NAT), and the
source port number of ADVPN packets is 4001 (after NAT).