beautypg.com

Configure spoke 2 – H3C Technologies H3C SecPath F1000-E User Manual

Page 450

background image

438

a.

From the navigation tree, select VPN > DVPN > Client, and then click Add.

b.

Select the tunnel encapsulation mode UDP. Enter the tunnel interface number 1. Enter the IP
address/mask 10.0.1.3/24. Select security zone Management for the tunnel interface. Select
the tunnel source interface GigabitEthernet0/1. Enter the VPN domain name vpn1. Enter the

VAM server address 192.168.1.22. Enter the backup VAM server address 192.168.1.33.

Enter the VAM client username dvpn1spoke1. Enter the VAM client password dvpn1spoke1.

Enter the VAM client pre-shared key 123.

c.

Select Enable IPsec.

d.

Select the IPsec authentication method Pre-Shared Key and then enter abcde in the field.

e.

Select IP Address as both the remote ID type and the local ID type.

f.

Click Apply.

3.

Configure OSPF:

a.

From the navigation tree, select Network > Routing Management > OSPF.

b.

Select Enable OSPF and click Apply.

c.

In the Area Configuration area, click Add.

d.

Enter the area ID 0. Select Normal as the area type. Enter the network address 10.0.2.0, select
the network mask 0.0.0.255, and then click Add Network. Enter the network address 10.0.1.0,

select the network mask 0.0.0.255, and then click Add Network. Click Apply.

e.

Click More>> to perform OSPF interface configuration.

f.

Click the

icon of interface Tunnel1.

g.

Enter 10 as the Hello interval. Enter 40 as the Dead interval. Select P2MP as the network type.
Select 0 as the DR priority. Click Apply.

Configure Spoke 2

1.

Configure IP addresses for the interfaces. (Details not shown)

2.

Configure tunnel interface Tunnel1 for VPN domain vpn1.

a.

From the navigation tree, select VPN > DVPN > Client, and then click Add.

b.

Select the tunnel encapsulation mode UDP, enter the tunnel interface number 1, enter IP
address/mask 10.0.1.4/24, select security zone Management for the tunnel interface, select
the tunnel source interface GigabitEthernet0/1, and enter the VPN domain name vpn1, the

VAM server address 192.168.1.22, the backup VAM server address 192.168.1.33, the VAM

client username dvpn1spoke2, the VAM client password dvpn1spoke2, and the VAM client

pre-shared key 123.

c.

Select Enable IPsec.

d.

Select the IPsec authentication method Pre-Shared Key and then enter abcde in the field.

e.

Select IP Address as both the remote ID type and the local ID type.

f.

Click Apply.

3.

Configure OSPF:

a.

From the navigation tree, select Network > Routing Management > OSPF.

b.

Select Enable OSPF and click Apply.

c.

In the Area Configuration area, click Add.

d.

Enter area ID 0, select Normal as the area type, enter network address 10.0.3.0, select

network mask 0.0.0.255, and then click Add Network. Enter network address 10.0.1.0, select

network mask 0.0.0.255, and then click Add Network. Click Apply.