Avaya G430 Manual page 532
Administering branch gateway
Hide thumbs
Also See for G430:
- Installation and upgrades (155 pages) ,
- Deploying and upgrading (144 pages) ,
- Quick start for hardware (31 pages)
Table of Contents
Advertisement
IPSec VPN
2. Configure the VPN Hubs (Main Offices) as follows:
VPN hub redundancy and load sharing topologies
Traffic
direction
Ingress
Ingress
Ingress
Ingress
Egress
Egress
Egress
Egress
VPN hub redundancy and load sharing topologies example
crypto isakmp policy 1
encryption aes
hash sha
group 2
authentication pre-share
exit
crypto isakmp peer address <Primary Main Office Internet public Static IP
pre-shared-key
isakmp-policy 1
exit
crypto isakmp peer address <Backup Main Office Internet public Static
532
Administering Avaya G430 Branch Gateway
c. Configure dynamic routing (OSPF or RIP) to run over local data interfaces (data
VLANs) and on the GRE interfaces
a. The VPN policy portion for the branch is configured as a mirror image of the
branch
b. The ACL portion for the branch is a mirror image of the branch, with some minor
modifications
c. The GRE Tunnel interface is configured for the branch
d. Dynamic routing (OSPF or RIP) is configured to run over the GRE interface to
the branch
IKE (UDP/500) from remote tunnel endpoint to local tunnel endpoint Permit
ESP/AH from remote tunnel endpoint to local tunnel endpoint
Allowed ICMP from any IP address to local tunnel endpoint
Default
IKE (UDP/500) from local tunnel endpoint to remote tunnel endpoint Permit
All allowed services from any local subnet to any IP address
Allowed ICMP from local tunnel endpoint to any IP address
Default
Address>
<key1>
Comments? infodev@avaya.com
ACL parameter
ACL
value
Permit
Permit
Deny
Permit
Permit
Deny
October 2013
Hide quick links:
Advertisement
Table of Contents
