Manualshelf

HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
18
# Configure the destination address of the tunnel interface Tunnel0 as the IP address of interface
GigabitEthernet 0/2 on Firewall B).
[FirewallA-Tunnel0] destination 2001::2:1
[FirewallA-Tunnel0] quit
# Configure a static route from Firewall A through the tunnel interface Tunnel0 to Group 2.
[FirewallA] ip route-static 10.1.3.0 255.255.255.0 tunnel 0
2. Configure Firewall B:
<FirewallB> system-view
# Enable IPv6.
[FirewallB] ipv6
# Configure an IPv4 address for interface GigabitEthernet 0/1.
[FirewallB] interface gigabitethernet 0/1
[FirewallB-GigabitEthernet0/1] ip address 10.1.3.1 255.255.255.0
[FirewallB-GigabitEthernet0/1] quit
# Configure an IPv6 address for interface GigabitEthernet 0/2, the physical interface of the
tunnel).
[FirewallB] interface gigabitethernet 0/2
[FirewallB-GigabitEthernet0/2] ipv6 address 2001::2:1 64
[FirewallB-GigabitEthernet0/2] quit
# Create a tunnel interface named Tunnel0.
[FirewallB] interface tunnel 0
# Configure an IPv4 address for interface Tunnel0.
[FirewallB-Tunnel0] ip address 10.1.2.2 255.255.255.0
# Configure the tunnel encapsulation mode as GRE over IPv6.
[FirewallB-Tunnel0] tunnel-protocol gre ipv6
# Configure the source address of the tunnel interface Tunnel0 as the IP address of the interface
GigabitEthernet 0/2.
[FirewallB-Tunnel0] source 2001::2:1
# Configure the destination address of the tunnel interface Tunnel0 as the IP address of the
interface GigabitEthernet 0/2 on Firewall A.
[FirewallB-Tunnel0] destination 2002::1:1
[FirewallB-Tunnel0] quit
# Configure a static route from Firewall B through the tunnel interface Tunnel0 to Group 1.
[FirewallB] ip route-static 10.1.1.0 255.255.255.0 tunnel 0
3. Verify the configuration:
# Display the tunnel interface status on Firewall A and Firewall B.
[FirewallA] display interface Tunnel 0
Tunnel0 current state: UP
Line protocol current state: UP
Description: Tunnel0 Interface
The Maximum Transmit Unit is 1456
Internet Address is 10.1.2.1/24 Primary
Encapsulation is TUNNEL, service-loopback-group ID not set.
Tunnel source 2002::1:1, destination 2001::2:1
Tunnel protocol/transport GRE/IPv6
GRE key disabled