3Com MSR 50 Series Configuration Manual page 1572

1572 C 80: DVPN C
HAPTER ONFIGURATION
Network diagram
Figure 435 Network diagram for DVPN configuration in full-mesh networks
VPN 1 Hub-to-Spoke static tunnel
VPN 2 Hub-to-Spoke static tunnel
Spoke-to-Spoke dynamic tunnel
Device Interface
Hub 1 Eth1/0
Tunnel1
Tunnel2
Hub 2 Eth1/0
Tunnel1
Tunnel2
Main server Eth0/0
Backup server Eth0/0
Configuration procedure
1 Configure the primary VAM server (main)
Configure IP addresses for the interfaces (omitted).
■
Configure AAA.
■
<MainServer> system-view
# Configure a RADIUS scheme named radsun.
[MainServer] radius scheme radsun
[MainServer-radius-radsun] primary authentication 192.168.1.11 1812
[MainServer-radius-radsun] primary accounting 192.168.1.11 1813
[MainServer-radius-radsun] key authentication expert
[MainServer-radius-radsun] key accounting expert
[MainServer-radius-radsun] server-type standard
[MainServer-radius-radsun] user-name-format with-domain
[MainServer-radius-radsun] quit
# Apply the RADIUS scheme in domain 1.
Hub 1
Eth1/0
Tunnel 1
Tunnel 2
IP network
Tunnel1
Eth1/0 Eth1/0
Spoke 1
Site 1
IP address
192.168.1.1/24
10.0.1.1/24
10.0.2.1/24
192.168.1.2/24
10.0.1.2/24
10.0.2.2/24
192.168.1.22/24
192.168.1.33/24 AAA server
Hub 2
Eth1/0
Tunnel 1
Tunnel 2
Tunnel 1
Tunnel 2
Eth1/0
Spoke 2
Site 2 Site 3
Device Interface IP address
Spoke 1 Eth1/0 192.168.1.3/24
Tunnel1 10.0.1.3/24
Spoke 2 Eth1/0 192.168.1.4/24
Tunnel1 10.0.1.4/24
Tunnel2 10.0.2.4/24
Spoke 3 Eth1/0 192.168.1.5/24
Tunnel2 10.0.2.3/24
192.168.1.11/24
AAA server
Eth0/0
Main server
Eth0/0
Backup server
Tunnel2
Spoke 3