HP VPN Firewall Appliances VPN Configuration Guide
457
Figure 347 Network diagram
Device Interface IP address Device Interface IP address
Hub 1 GE0/1 192.168.1.1/24
Spoke 1
Eth1/1
192.168.1.3/24
Tunnel1 10.0.1.1/24
Eth1/2
10.0.3.1/24
Tunnel2 10.0.2.1/24 Tunnel1 10.0.1.3/24
Hub 2 GE0/1 192.168.1.2/24
Spoke 2
Eth1/1
192.168.1.4/24
Tunnel1 10.0.1.2/24
Eth1/2
10.0.4.1/24
Tunnel2 10.0.2.2/24 Eth1/3 10.0.6.1/24
Spoke 3 Eth1/1 192.168.1.5/24
Tunnel1 10.0.1.4/24
Eth1/2 10.0.5.1/24
Tunnel2 10.0.2.4/24
Tunnel2 10.0.2.3/24 Primary server Eth1/1 192.168.1.22/24
A
AA server 192.168.1.11/24
Secondary
server
Eth1/1
192.168.1.33//24
Configuring the primary VAM server
1. Configure IP addresses for the interfaces. (Details not shown.)
2. Configure AAA:
<PrimaryServer> system-view
# Configure RADIUS scheme radsun.
[PrimaryServer] radius scheme radsun
[PrimaryServer-radius-radsun] primary authentication 192.168.1.11 1812
[PrimaryServer-radius-radsun] primary accounting 192.168.1.11 1813
[PrimaryServer-radius-radsun] key authentication expert
[PrimaryServer-radius-radsun] key accounting expert
[PrimaryServer-radius-radsun] server-type extended
[PrimaryServer-radius-radsun] user-name-format without-domain
[PrimaryServer-radius-radsun] quit
# Configure the AAA methods for the ISP domain domain1.
[PrimaryServer] domain domain1
[PrimaryServer-isp-domain1] authentication dvpn radius-scheme radsun