Configuring spoke 3, Verifying the configuration – H3C Technologies H3C SecPath F1000-E User Manual
Page 444
432
f.
Click the
icon of interface Tunnel1.
g.
Enter 10 as the Hello interval. Enter 40 as the Dead interval. Select Broadcast as the network
type. Select 0 as the DR priority. Click Apply.
h.
OSPF configurations for tunnel interface Tunnel2 are similar to those for Tunnel1. The
difference is that you must add subnets 10.0.2.0/0.0.0.255 and 10.0.6.0/0.0.0.255 to OSPF
area 1.
Configuring Spoke 3
The Spoke 3 configuration page is similar to the Hub 1 configuration page. See the figures for Hub 1
configuration.
1.
Configure tunnel interface Tunnel2 for VPN domain vpn2.
a.
From the navigation tree, select VPN > DVPN > Client, and then click Add.
b.
Select tunnel encapsulation mode GRE. Enter tunnel interface number 2. Enter IP address/mask
10.0.2.3/24. Select security zone Management for the tunnel interface. Select tunnel source
interface GigabitEthernet0/1. Enter VPN domain name vpn2. Enter the VAM server address
192.168.1.22. Enter the backup VAM server address 192.168.1.33. Enter the VAM client
username dvpn2spoke3. Enter the VAM client password dvpn2spoke3. Enter the VAM client
pre-shared key 456.
c.
Select Enable IPsec.
d.
Select the IPsec authentication method Pre-Shared Key and then enter abcde in the field.
e.
Select IP Address as both the remote ID type and the local ID type.
f.
Click Apply.
2.
Configure OSPF:
a.
From the navigation tree, select Network > Routing Management > OSPF.
b.
Select Enable OSPF and click Apply.
c.
In the Area Configuration area, click Add.
d.
Enter the area ID 1. Select Normal as the area type. Enter network address 10.0.5.0, select
network mask 0.0.0.255, and then click Add Network. Enter network address 10.0.1.0, select
network mask 0.0.0.255, and then click Add Network. Click Apply.
e.
Click More>> to perform OSPF interface configuration.
f.
Click the
icon of interface Tunnel2.
g.
Enter 10 as the Hello interval. Enter 40 as the Dead interval. Select Broadcast as the network
type. Select 0 as the DR priority. Click Apply.
Verifying the configuration
1.
From the navigation tree of the main VAM server, select VPN > DVPN > Server. Click the VAM
Client Info tab to view the address mapping information of all VAM clients that have registered
with the main VAM server.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS