3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

221

222

223

224

225

226

227

228

229

230

DVPN Configuration Example 223

After session is established between server and client 1 and client 2, transmitted

data is IPsec-encrypted by default using algorithm suite 1. That is, use DES for

encryption, MD5 for authentication, and DH-GROUP1 for key negotiation.

Network diagram

Figure 46 Network diagram for DVPN

Configuration procedure

1 Configure server

3Com (IPsecModule)

# Divide VLANs.

<SW8800> system-view

[SW8800] vlan 70

[3Com-vlan70] quit

[SW8800] vlan 80

[3Com-vlan80] quit

[SW8800] vlan 90

[3Com-vlan90] quit

# Configure the IP address.

[SW8800] interface vlan-interface 70

[3Com-Vlan-interface70] ip address 70.0.0.254 24

[3Com-Vlan-interface70] quit

[SW8800] interface vlan-interface 80

[3Com-Vlan-interface80] ip address 80.0.0.1 24

[3Com-Vlan-interface80] quit

# Configure the static route.

[SW8800] ip route-static 0.0.0.0 0 80.0.0.254

Tunnel0 : 192.168.0.254/24

Tunnel0: 192.168.0.2/24

erver

Client2

%UDQFK$

%UDQFK%

+HDGTXDUWHU

Tunnel0:192.168.0.1/24

Client1

Internet

Vlan10:10.0.0.0/24

SecBlade_A Switch8800_A

Vlan 30

Vlan 50

30.0.0.254/24

50.0.0.254/24

30.0.0.1/24

10.0.0.254/24

Vlan20:20.0.0.0/24

g0/0.2:50.0.0.254/24

g0/0.2:60.0.0.254/24

Vlan10:10.0.0.254/24 Vlan20:20.0.0.254/24

g0/0.2:90.0.0.254/24

Vlan70:70.0.0.254/24

SecBlade_A Switch8800_A

Vlan 8 0

Vlan 9 0

8 0.0.0.254/24

9 0 .0.0.254/24

8 0.0.0.1/24

7 0.0.0.254/24

Secblade-B

Switch8800_B

Vlan 40

Vlan 60 60.0. 0. 254/24

40.0.0. 1/24

20.0.0. 254/24

40.0.0. 254/24