Verifying the configuration – H3C Technologies H3C SecPath F1000-E User Manual

461

4.

Configure the DVPN tunnel:
# Configure tunnel interface Tunnel 2 for VPN 2. Tunnel 2 uses GRE for encapsulation.

[Spoke3] interface tunnel 2

[Spoke3-Tunnel2] tunnel-protocol dvpn gre

[Spoke3-Tunnel2] vam client dvpn2spoke3

[Spoke3-Tunnel2] ip address 10.0.2.3 255.255.255.0

[Spoke3-Tunnel2] source ethernet 1/1

[Spoke3-Tunnel2] ospf network-type broadcast

[Spoke3-Tunnel2] ospf dr-priority 0

[Spoke3-Tunnel2] ipsec profile vamp

[Spoke3-Tunnel2] quit

5.

Configure OSPF:
# Configure OSPF for the public network.

[Spoke3] ospf 100

[Spoke3-ospf-100] area 0

[Spoke3-ospf-100-area-0.0.0.0] network 192.168.1.5 0.0.0.255

[Spoke3-ospf-100-area-0.0.0.0] quit

# Configure OSPF for the private network.

[Spoke3] ospf 200

[Spoke3-ospf-200] area 0

[Spoke3-ospf-200-area-0.0.0.0] network 10.0.2.3 0.0.0.255

[Spoke3-ospf-200-area-0.0.0.0] network 10.0.5.1 0.0.0.255

Verifying the configuration

# Display the address mapping information of all VAM clients registered with the primary VAM server.

[PrimaryServer] display vam server address-map all

VPN name: 1

Total address-map number: 4

Private-ip Public-ip Type Holding time

10.0.1.1 192.168.1.1 hub 0H 52M 7S

10.0.1.2 192.168.1.2 hub 0H 47M 31S

10.0.1.3 192.168.1.3 spoke 0H 28M 25S

10.0.1.4 192.168.1.4 spoke 0H 19M 15S

VPN name: 2

Total address-map number: 4

Private-ip Public-ip Type Holding time

10.0.2.1 192.168.1.1 hub 0H 51M 44S

10.0.2.2 192.168.1.2 hub 0H 46M 45S

10.0.2.3 192.168.1.5 spoke 0H 11M 25S

10.0.2.4 192.168.1.4 spoke 0H 18M 32S

# Display the address mapping information of all VAM clients registered with the secondary VAM server.

[SecondaryServer] display vam server address-map all

VPN name: 1

Total address-map number: 4

Private-ip Public-ip Type Holding time