How Advpn Operates - HP FlexNetwork MSR2003 Configuration Manual
Flexnetwork msr router series
Hide thumbs
Also See for FlexNetwork MSR2003:
- Configuration manual (350 pages) ,
- Command reference manual (471 pages) ,
- Manual (73 pages)
Table of Contents
Advertisement
Figure 142 Hub-group ADVPN
Spoke1
Site 1
Hub-to-Hub static tunnel
Hub-to-Spoke static tunnel
How ADVPN operates
The VAM server must have a static public address. VAM clients have both a public address and a
private address. The public address is the address of the interface connected to the public network.
It can be manually configured or dynamically assigned. The private address is the address of the
ADVPN tunnel interface. It must be manually configured. All the private addresses of clients in an
ADVPN domain must belong to the same network segment.
ADVPN includes the following phases:
•
Connection initialization.
•
Registration.
•
Tunnel establishment.
•
Route learning and packet forwarding.
Connection initialization
As shown in
connection:
1.
The client sends encryption and authentication algorithms to the server in a connection request.
2.
The server compares the algorithm list of the client to its own algorithm list in priority order.
3.
The server sends the matching algorithms to the client.
If no match is found, the negotiation fails.
4.
The server and the client generate encryption and authentication keys based on the pre-shared
key.
If authentication and encryption are not needed, they do not generate keys.
Tunnel 2
Hub1
Tunnel 2
Tunnel 1
Tunnel 1
Tunnel 1
Tunnel 1
Group 1
Spoke2
Site 2
Site 3
Spoke-to-Spoke dynamic
tunnel in one group
Spoke-to-Spoke dynamic tunnel
between two groups
Figure
143, a client and a server perform the following operations to initialize a
Tunnel 2
Hub2
Tunnel 1
Group 2
Spoke3
Site 4
334
Hub3
Group 0
Tunnel 1
Tunnel 1
Spoke4
Site 5
Site 6
VAM server
- Quick Links:
- Configuring Ip Addressing
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
