3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

211

212

213

214

215

216

217

218

219

220

218 CHAPTER 13: DVPN

A DVPN server is not assigned a public IP address by default.

Assigning a private IP address to a DVPN server

The IP address here refers to the IP address of the Tunnel interface through which

the DVPN server accesses a DVPN domain and is optional. When a client

configured with the private IP address of the DVPN server registers, the response

information contains the private IP address of the DVPN server. And the client tears

down the connection if the two private IP address are not the same.

Perform the following configuration in a DVPN class view.

A DVPN server is not assigned a private IP address by default.

Configuring the register algorithm suite

DVPN register control packets must be encrypted for security. The encryption

algorithm, authentication algorithm, and key negotiation algorithm are

determined by the register algorithm suite.

Perform the following configuration in a DVPN class view.

The suite-number parameter is 1 by default, which stands for DES-MD5-GROUP1.

Refer to Command Manual for the meanings of other values.

Specifying how the client authenticates the DVPN server

A client can authenticate the DVPN server to be accessed using a pre-shared-key.

The configured pre-shared-key must be identical to the one the DVPN server holds

for the client to successfully register with the DVPN server.

Perform the following configuration in a DVPN class view.

Tabl e 232 Assign a public IP address to the DVPN server

Operation Command

Assign a public IP address to the DVPN server public-ip ip-address

Remove a public IP address undo public-ip

Tabl e 233 Assign a private IP address to a DVPN server

Operation Command

Assign a private IP address to a DVPN server private-ip ip-address

Remove the private IP address undo private-ip

Tabl e 234 Configure the register algorithm suite

Operation Command

Configure the register algorithm suite algorithm-suite suite-number

Revert to the default register algorithm suite undo algorithm-suite

Tabl e 235 Specify how the client authenticates the DVPN server

Operation Command

Specify to authenticate the DVPN server using

the pre-shared-key

authentication-server method pre-share