Table of Contents
Advertisement
Copyright © 2010, Juniper Networks, Inc.
Tunnel from Boca to Ottawa on virtual router B:
erx2:vrB(config)#interface tunnel ipsec:Bboca2ottawa transport-virtual-router default
erx2:vrB(config-if)#tunnel transform-set customerBprotection
erx2:vrB(config-if)#tunnel local-identity subnet 10.2.0.0 255.255.0.0
erx2:vrB(config-if)#tunnel peer-identity subnet 10.1.0.0 255.255.0.0
erx2:vrB(config-if)#tunnel source 5.2.0.2
erx2:vrB(config-if)#tunnel destination 5.1.0.2
erx2:vrB(config-if)#ip address 10.1.0.0 255.255.0.0
erx2:vrB(config-if)#exit
Tunnel from Boca to Boston on virtual router B:
erx2:vrB(config)#interface tunnel ipsec:Bboca2boston transport-virtual-router default
erx2:vrB(config-if)#tunnel transform-set customerBprotection
erx2:vrB(config-if)#tunnel local-identity subnet 10.2.0.0 255.255.0.0
erx2:vrB(config-if)#tunnel peer-identity subnet 10.3.0.0 255.255.0.0
erx2:vrB(config-if)#tunnel source 5.2.0.2
erx2:vrB(config-if)#tunnel destination 5.3.0.2
erx2:vrB(config-if)#ip address 10.3.0.0 255.255.0.0
erx2:vrB(config-if)#exit
Last, on erx3, create two IPSec tunnels, one to carry customer A's traffic and another
5.
to carry customer B's traffic.
Virtual router A:
erx3(config)#virtual-router vrA
erx3:vrA(config)#
Tunnel from Boston to Ottawa on virtual router A:
erx3:vrA(config)#interface tunnel ipsec:Aboston2ottawa transport-virtual-router
default
erx3:vrA(config-if)#tunnel transform-set customerAprotection
erx3:vrA(config-if)#tunnel local-identity subnet 10.3.0.0 255.255.0.0
erx3:vrA(config-if)#tunnel peer-identity subnet 10.1.0.0 255.255.0.0
erx3:vrA(config-if)#tunnel source 5.3.0.1
erx3:vrA(config-if)#tunnel destination 5.1.0.1
erx3:vrA(config-if)#ip address 10.1.0.0 255.255.0.0
erx3:vrA(config-if)#exit
Tunnel from Boston to Boca on virtual router A:
erx3:vrA(config)#interface tunnel ipsec:Aboston2boca transport-virtual-router default
erx3:vrA(config-if)#tunnel transform-set customerAprotection
erx3:vrA(config-if)#tunnel local-identity subnet 10.3.0.0 255.255.0.0
erx3:vrA(config-if)#tunnel peer-identity subnet 10.2.0.0 255.255.0.0
erx3:vrA(config-if)#tunnel source 5.3.0.1
erx3:vrA(config-if)#tunnel destination 5.2.0.1
erx3:vrA(config-if)#ip address 10.1.0.0 255.255.0.0
erx3:vrA(config-if)#exit
Virtual router B:
erx3(config)#virtual-router vrB
erx3:vrB(config)#
Tunnel from Boston to Ottawa on virtual router B:
Chapter 5: Configuring IPSec
159
Advertisement
Table of Contents
Related Manuals for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - IP SERVICES CONFIGURATION GUIDE 2010-10-01
Related Products for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - IP SERVICES CONFIGURATION GUIDE 2010-10-01
- Juniper JUNOSE SOFTWARE FOR E SERIES 11.0.X - BGP AND MPLS CONFIGURATION GUIDE 2009-12-30
- Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - BGP AND MPLS CONFIGURATION GUIDE 2010-10-12
- Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - MULTICAST ROUTING CONFIGURATION GUIDE 2010-10-07
- Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - PHYSICAL LAYER CONFIGURATION GUIDE 2010-09-24
- Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04
- Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SERVICE AVAILABILITY CONFIGURATION GUIDE 2010-10-08
- Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - LINK LAYER CONFIGURATION GUIDE 2010-10-13
- Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - QUALITY OF SERVICE CONFIGURATION GUIDE 2010-09-22
- Juniper JUNOS SOFTWARE 10.2 - SOFTWARE INSTALLATION AND UPGRADE GUIDE 4-28-2010
- Juniper JUNOS 10.1 - CONFIGURATION GUIDE 1-2010
- Juniper JUNOSE 11.1.X - BROADBAND ACCESS CONFIGURATION GUIDE 6-4-2010
- Juniper JUNOSE SOFTWARE 11.1.X - BROADBAND ACCESS CONFIGURATION GUIDE 6-6-2010
- Juniper JUNOSE 11.1.X - QUALITY OF SERVICE CONFIGURATION GUIDE 3-21-2010
- Juniper JUNOSE SOFTWARE 11.0.X - LINK LAYER CONFIGURATION GUIDE 4-1-2010
- Juniper JUNOSE SOFTWARE 11.2.X - BROADBAND ACCESS CONFIGURATION GUIDE 7-20-2010
- Juniper JUNOSE SOFTWARE 11.2.X - LINK LAYER CONFIGURATION GUIDE 7-7-2010