Manualshelf

HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
15
[FirewallA] interface tunnel 0
# Configure an IPv4 address for the tunnel interface Tunnel0.
[FirewallA-Tunnel0] ip address 10.1.2.1 255.255.255.0
# Configure the tunnel encapsulation mode as GRE over IPv4.
[FirewallA-Tunnel0] tunnel-protocol gre
# Configure the source address of the tunnel interface Tunnel0 as the IP address of GigabitEthernet
0/2.
[FirewallA-Tunnel0] source 1.1.1.1
# Configure the destination address of the tunnel interface Tunnel0 as the IP address of
GigabitEthernet 0/2 on Firewall B.
[FirewallA-Tunnel0] destination 2.2.2.2
[FirewallA-Tunnel0] quit
# Configure a static route from Firewall A through the tunnel interface Tunnel0 to Group 2.
[FirewallA] ip route-static 10.1.3.0 255.255.255.0 tunnel 0
2. Configure Firewall B:
# Configure an IPv4 address for interface GigabitEthernet 0/1.
<FirewallB> system-view
[FirewallB] interface gigabitethernet 0/1
[FirewallB-GigabitEthernet0/1] ip address 10.1.3.1 255.255.255.0
[FirewallB-GigabitEthernet0/1] quit
# Configure an IPv4 address for interface GigabitEthernet 0/2, the physical interface of the
tunnel.
[FirewallB] interface gigabitethernet 0/2
[FirewallB-GigabitEthernet0/2] ip address 2.2.2.2 255.255.255.0
[FirewallB-GigabitEthernet0/2] quit
# Create a tunnel interface named Tunnel0.
[FirewallB] interface tunnel 0
# Configure an IP address for the tunnel interface Tunnel0.
[FirewallB-Tunnel0] ip address 10.1.2.2 255.255.255.0
# Configure the tunnel encapsulation mode as GRE over IPv4.
[FirewallB-Tunnel0] tunnel-protocol gre
# Configure the source address of the tunnel interface Tunnel0 as the IP address of the interface
GigabitEthernet 0/2.
[FirewallB-Tunnel0] source 2.2.2.2
# Configure the destination address of the tunnel interface Tunnel0 as the IP address of the
interface GigabitEthernet 0/2 on Firewall A.
[FirewallB-Tunnel0] destination 1.1.1.1
[FirewallB-Tunnel0] quit
# Configure a static route from Firewall B through the tunnel interface Tunnel0 to Group 1.
[FirewallB] ip route-static 10.1.1.0 255.255.255.0 tunnel 0
3. Verify the configuration:
# Display the tunnel interface status on Firewall A and Firewall B.
[FirewallA] display interface tunnel 0
Tunnel0 current state: UP
Line protocol current state: UP