HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

451

452

453

454

455

456

457

458

459

460

443

Configure Spoke 2

Spoke 2 configuration pages are similar to Hub 1 configuration pages. See the figures for Hub 1

configuration.

1. Configure IP addresses for the interfaces. (Details not shown.)

2. Configure tunnel interface Tunnel1 for VPN domain vpn1.

a. From the navigation tree, select VPN > DVPN > Client, and then click Add.

b. Select the tunnel encapsulation mode UDP, enter the tunnel interface number 1, enter IP

address/mask 10.0.1.4/24, select security zone Management for the tunnel interface, select

the tunnel source interface GigabitEthernet0/1, and enter the VPN domain name vpn1, the

VAM server address 192.168.1.22, the secondary VAM server address 192.168.1.33, the

VAM client username dvpn1spoke2, the VAM client password dvpn1spoke2, the password

dvpn1spoke2 for confirmation, the VAM client pre-shared key 123, and the key 123 for

confirmation.

c. Select Enable IPsec.

d. Select the IPsec authentication method Pre-Shared Key and then enter abcde in the Key and

Confirm Key fields.

e. Select IP Address as both the remote ID type and the local ID type.

f. Click Apply.

3. Configure OSPF:

a. From the navigation tree, select Network > Routing Management > OSPF.

b. Select Enable OSPF and click Apply.

c. In the Area Configuration area,

click Add.

d. Enter area ID 0.

e. Selec

t Normal as the area type.

f. Enter network address 192.168.1.0, select network mask 0.0.0.255, and then click Add

Network.

g. Enter network address 10.0.3.0, select network mask 0.0.0.255, and then click Add Network.

h. Enter network address 10.0.1.0, select network mask 0.0.0.255, and then click Add Network.

i. Click Apply.

j. Click More>> to perform OSPF interface configuration.

k. Click the icon of interface Tunnel1.

l. Select P2MP as the network type.

m. Select 0 as the DR priority.

n. Click Apply.

Verifying the configuration

1. From the navigation tree of the primary VAM server, select VPN > DVPN > Server. Click the VAM

Client Info tab to view the address mapping information of all VAM clients that have registered

with the primary VAM server.

The figure shows that Hub 1, Hub 2, Spoke 1, and Spoke 2 all have registered their address

mapping information with the primary VAM server.