Manualshelf

HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
919293949596979899100
86
Configure Firewall A:
# Configure an IPv4 address for GigabitEthernet 0/1.
<FirewallA> system-view
[FirewallA] interface gigabitethernet 0/1
[FirewallA-GigabitEthernet0/1] ip address 10.1.1.1 255.255.255.0
[FirewallA-GigabitEthernet0/1] quit
# Configure an IPv4 address for GigabitEthernet 0/2, which is the physical interface of the tunnel.
[FirewallA] interface gigabitethernet 0/2
[FirewallA-GigabitEthernet0/2] ip address 2.1.1.1 255.255.255.0
[FirewallA-GigabitEthernet0/2] quit
# Create interface Tunnel 1.
[FirewallA] interface tunnel 1
# Configure an IPv4 address for interface Tunnel 1.
[FirewallA-Tunnel1] ip address 10.1.2.1 255.255.255.0
# Configure the tunnel encapsulation mode as IPv4 over IPv4.
[FirewallA-Tunnel1] tunnel-protocol ipv4-ipv4
# Specify the IP address of GigabitEthernet 0/2 as the source address for interface Tunnel 1.
[FirewallA-Tunnel1] source 2.1.1.1
# Specify the IP address of GigabitEthernet 0/2 on Firewall B as the destination address for
interface Tunnel 1.
[FirewallA-Tunnel1] destination 3.1.1.1
[FirewallA-Tunnel1] quit
# Configure a static route destined for the IP network Group 2 through interface Tunnel 1.
[FirewallA] ip route-static 10.1.3.0 255.255.255.0 tunnel 1
Configure Firewall B:
# Configure an IPv4 address for GigabitEthernet 0/1.
<FirewallB> system-view
[FirewallB] interface gigabitethernet 0/1
[FirewallB-GigabitEthernet0/1] ip address 10.1.3.1 255.255.255.0
[FirewallB-GigabitEthernet0/1] quit
# Configure an IPv4 address for GigabitEthernet 0/2, which is the physical interface of the tunnel.
[FirewallB] interface gigabitethernet 0/2
[FirewallB-GigabitEthernet0/2] ip address 3.1.1.1 255.255.255.0
[FirewallB-GigabitEthernet0/2] quit
# Create interface Tunnel 2.
[FirewallB] interface tunnel 2
# Configure an IPv4 address for interface Tunnel 2.
[FirewallB-Tunnel2] ip address 10.1.2.2 255.255.255.0
# Configure the tunnel encapsulation mode as IPv4 over IPv4.
[FirewallB-Tunnel2] tunnel-protocol ipv4-ipv4
# Specify the IP address of GigabitEthernet 0/2 as the source address for interface Tunnel 2.
[FirewallB-Tunnel2] source 3.1.1.1
# Specify the IP address of GigabitEthernet 0/2 on Firewall A as the destination address for
interface Tunnel 2.
[FirewallB-Tunnel2] destination 2.1.1.1