Configuration Of An Ip Interface And The Ip Router For Ipsec; Displaying Ipsec Configuration Information - Patton electronics OnSite 2800 Series User Manual

Managed vpn router

Hide thumbs Also See for OnSite 2800 Series:

Quick start manual (9 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

page of 135

/ 135
Contents
Table of Contents
Bookmarks

Table of Contents

OnSite 2800 Series User Manual

Configuration of an IP interface and the IP router for IPsec

The IP interface that provides connectivity to the IPsec peer, must now activate the outgoing ACL profile con-

figured in the previous section. Furthermore, the IP router must have a route for the remote network that

points to the respective IP interface.

Procedure: To activate the outgoing ACL profile and to establish the necessary route

Mode: Configure

Step

node(cfg)#context ip router

node(ctx-ip)[router]#interface if-name

node(if-ip)[if-name]# use profile acl

name out

node(if-ip)[if-name]#context ip router

node(ctx-ip)[router]#route remote-net-

optional

work-address remote-network-mask if-name 0

Example: Activate outgoing ACL and establish route

The following example configures an outgoing ACL profile that interconnects the two private networks

192.168.1/24 and 172.16/16.

2800(cfg)#context ip router

2800(ctx-ip)[router]#interface WAN

2800(if-ip)[WAN]#use profile acl VPN_Out out

2800(if-ip)[WAN]#context ip router

2800(ctx-ip)[router]#route 172.16.0.0 255.255.0.0 WAN 0

Displaying IPsec configuration information

This section shows how to display and verify the IPsec configuration information.

Procedure: To display IPsec configuration information

Mode: Configure

Step

node(cfg)#show profile ipsec-trans-

optional

form

node(cfg)#show profile ipsec-policy-

optional

manual

VPN configuration task list

Command

Purpose

Enter IP context

Create/enter the IP interface if-name

Activate the outgoing ACL profile name

Enter IP context

Creates a route for the remote network that

points the above IP interface if-name

You can omit this setting if the default route

already points to this IP interface or to a next hub

reachable via this IP interface, and if there is no

other route.

Make also sure that the IP router knows how to

reach the peer of the secured communication.

Usually, a default route does this job.

Purpose

Displays all IPsec transformation profiles

Displays all IPsec policy profiles

6 • VPN configuration

Table of Contents

Configuration Of An Ip Interface And The Ip Router For Ipsec; Displaying Ipsec Configuration Information - Patton electronics OnSite 2800 Series User Manual

Configuration of an IP interface and the IP router for IPsec

Displaying IPsec configuration information

Related Manuals for Patton electronics OnSite 2800 Series

Related Content for Patton electronics OnSite 2800 Series

Table of Contents