Table of Contents
Advertisement
1572
C
80: DVPN C
HAPTER
ONFIGURATION
Network diagram
Figure 435 Network diagram for DVPN configuration in full-mesh networks
VPN 1 Hub-to-Spoke static tunnel
VPN 2 Hub-to-Spoke static tunnel
Spoke-to-Spoke dynamic tunnel
Device
Interface
Hub 1
Eth1/0
Tunnel1
Tunnel2
Hub 2
Eth1/0
Tunnel1
Tunnel2
Main server
Eth0/0
Backup server
Eth0/0
Configuration procedure
1 Configure the primary VAM server (main)
Configure IP addresses for the interfaces (omitted).
■
Configure AAA.
■
<MainServer> system-view
# Configure a RADIUS scheme named radsun.
[MainServer] radius scheme radsun
[MainServer-radius-radsun] primary authentication 192.168.1.11 1812
[MainServer-radius-radsun] primary accounting 192.168.1.11 1813
[MainServer-radius-radsun] key authentication expert
[MainServer-radius-radsun] key accounting expert
[MainServer-radius-radsun] server-type standard
[MainServer-radius-radsun] user-name-format with-domain
[MainServer-radius-radsun] quit
# Apply the RADIUS scheme in domain 1.
Hub 1
Eth1/0
Tunnel 1
Tunnel 2
IP network
Tunnel1
Eth1/0
Eth1/0
Spoke 1
Site 1
IP address
192.168.1.1/24
10.0.1.1/24
10.0.2.1/24
192.168.1.2/24
10.0.1.2/24
10.0.2.2/24
192.168.1.22/24
192.168.1.33/24 AAA server
Hub 2
Eth1/0
Tunnel 1
Tunnel 2
Tunnel 1
Tunnel 2
Eth1/0
Spoke 2
Site 2
Site 3
Device
Interface
IP address
Spoke 1
Eth1/0
192.168.1.3/24
Tunnel1
10.0.1.3/24
Spoke 2
Eth1/0
192.168.1.4/24
Tunnel1
10.0.1.4/24
Tunnel2
10.0.2.4/24
Spoke 3
Eth1/0
192.168.1.5/24
Tunnel2
10.0.2.3/24
192.168.1.11/24
AAA server
Eth0/0
Main server
Eth0/0
Backup server
Tunnel2
Spoke 3
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the MSR 50 Series and is the answer not in the manual?
Questions and answers