Table of Contents
Advertisement
Configure the IPSec profile
■
# Configure the IPSec proposal.
[Spoke2] ipsec proposal vam
[Spoke2-ipsec-proposal-vam] encapsulation-mode tunnel
[Spoke2-ipsec-proposal-vam] transform esp
[Spoke2-ipsec-proposal-vam] esp encryption-algorithm des
[Spoke2-ipsec-proposal-vam] esp authentication-algorithm sha1
[Spoke2-ipsec-proposal-vam] quit
# Configure the IKE peer.
[Spoke2] ike peer vam
[Spoke2-ike-peer-vam] pre-shared-key abcde
[Spoke2-ike-peer-vam] quit
# Configure the IPSec profile.
[Spoke2] ipsec profile vamp
[Spoke2-ipsec-profile-vamp] proposal vam
[Spoke2-ipsec-profile-vamp] ike-peer vam
[Spoke2-ipsec-profile-vamp] sa duration time-based 600
[Spoke2-ipsec-profile-vamp] pfs dh-group2
Configure the DVPN tunnels
■
# Configure tunnel interface Tunnel 1 for VPN 1.
[Spoke2] interface tunnel 1
[Spoke2-Tunnel1] tunnel-protocol dvpn udp
[Spoke2-Tunnel1] vam client dvpn1spoke2
[Spoke2-Tunnel1] ip address 10.0.1.4 255.255.255.0
[Spoke2-Tunnel1] source ethernet 1/0
[Spoke2-Tunnel1] ospf network-type broadcast
[Spoke2-Tunnel1] ipsec profile vamp
[Spoke2-Tunnel1] quit
# Configure tunnel interface Tunnel 2 for VPN 2.
[Spoke2] interface tunnel 2
[Spoke2-Tunnel2] tunnel-protocol dvpn udp
[Spoke2-Tunnel2] vam client dvpn2spoke2
[Spoke2-Tunnel2] ip address 10.0.2.4 255.255.255.0
[Spoke2-Tunnel2] source ethernet 1/0
[Spoke2-Tunnel2] ospf network-type broadcast
[Spoke2-Tunnel2] ipsec profile vamp
[Spoke2-Tunnel2] quit
Configure OSPF
■
# Configure OSPF for the public network.
[Spoke2] ospf 100
[Spoke2-ospf-100] area 0
[Spoke2-ospf-100-area-0.0.0.0] network 192.168.1.4 0.0.0.255
[Spoke2-ospf-100-area-0.0.0.0] quit
# Configure OSPF for the private networks.
[Spoke2] ospf 200
[Spoke2-ospf-200] area 0
[Spoke2-ospf-200-area-0.0.0.0] network 10.0.1.4 0.0.0.255
DVPN Configuration Example
1579
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the MSR 50 Series and is the answer not in the manual?