Huawei IPsec VPN

Experimental topology:
[Figure: Huawei IPsec VPN topology]

Purpose:
The Wuhan and Harbin branches and the headquarters establish connections over IPsec VPN, so that the internal networks on both sides can reach each other.

This post mainly records the IPsec configuration.
The simulation environment is preconfigured: the PCs in Wuhan and Harbin can already reach the public network, which is the network of this region:
[Figure: Huawei IPsec VPN]

Wuhan egress router routing configuration:

<wuhan-r>dis ip rout | in Sta
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 12       Routes : 12       

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

0.0.0.0/0   Static  60   0          RD   222.73.1.1      GigabitEthernet0/0/0
192.168.0.0/16  Static  60   0          RD   1.1.1.2         GigabitEthernet0/0/1

<wuhan-r>

Harbin egress router routing configuration:

<wuhan-r>dis ip rout | in Sta
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 12       Routes : 12       

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

0.0.0.0/0   Static  60   0          RD   222.73.1.1      GigabitEthernet0/0/0
192.168.0.0/16  Static  60   0          RD   1.1.1.2         GigabitEthernet0/0/1

<wuhan-r>

Wuhan NAT configuration:

<wuhan-r>dis acl 2000
Basic ACL 2000, 1 rule
Acl's step is 5
rule 10 permit source 192.168.0.0 0.0.255.255 

<wuhan-r>dis nat ou 
<wuhan-r>dis nat outbound 
NAT Outbound Information:
-------------------------------------------------------------------------
Interface                     Acl     Address-group/IP/Interface      Type
-------------------------------------------------------------------------
GigabitEthernet0/0/0         2000                     222.73.1.2    easyip  
-------------------------------------------------------------------------
Total : 1
<wuhan-r>

Harbin NAT configuration:

<haerb-r>dis acl 2000
Basic ACL 2000, 1 rule
Acl's step is 5
 rule 10 permit source 172.16.0.0 0.0.255.255 

<haerb-r>dis nat out    
<haerb-r>dis nat outbound 
 NAT Outbound Information:
 --------------------------------------------------------------------------
 Interface                     Acl     Address-group/IP/Interface      Type
 --------------------------------------------------------------------------
 GigabitEthernet0/0/0         2000                     180.73.2.2    easyip  
 --------------------------------------------------------------------------
  Total : 1
<haerb-r>

The Layer 2 configuration is not covered here.
At this point the internal PCs in Wuhan and Harbin can reach the public network normally, but the Wuhan and Harbin PCs cannot reach each other. Configuring IPsec VPN next lets the Wuhan and Harbin internal networks access each other.
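
Added example (not part of the original post): before the IPsec policy is applied, it is worth checking what the existing NAT ACL does to site-to-site traffic, because AR routers apply NAT outbound before the IPsec policy on the same interface. The Python below evaluates the page's Wuhan ACL 2000 rule against constructed sample flows and compares it with a constructed advanced ACL; the deny rule, the helper names and the sample addresses are assumptions, not taken from the page.

```python
import ipaddress
import re

# Copied from the "dis acl 2000" output on this page (Wuhan side).
WUHAN_NAT_ACL = "rule 10 permit source 192.168.0.0 0.0.255.255"
# Constructed replacement, not from the page: an advanced ACL that exempts
# Wuhan-to-Harbin traffic from NAT before permitting everything else.
WUHAN_NAT_ACL_FIXED = """
rule 5 deny ip source 192.168.0.0 0.0.255.255 destination 172.16.0.0 0.0.255.255
rule 10 permit ip source 192.168.0.0 0.0.255.255
"""

RULE = re.compile(
    r"rule\s+(\d+)\s+(permit|deny)(?:\s+ip)?\s+source\s+(\S+)\s+(\S+)"
    r"(?:\s+destination\s+(\S+)\s+(\S+))?")

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_acl(text):
    """Return rules as (id, action, src, src_wild, dst, dst_wild), by rule id."""
    rules = []
    for m in RULE.finditer(text):
        rid, action, src, swild, dst, dwild = m.groups()
        # A rule without a destination clause matches any destination.
        dst, dwild = (dst or "0.0.0.0"), (dwild or "255.255.255.255")
        rules.append((int(rid), action, _ip(src), _ip(swild), _ip(dst), _ip(dwild)))
    return sorted(rules)  # default "config" match order: ascending rule id

def _match(addr, base, wild):
    # Wildcard bits set to 1 are "don't care" bits.
    return (addr | wild) == (base | wild)

def nat_translates(acl_text, src, dst):
    """True if the first matching rule is a permit, i.e. the flow is NATed."""
    for _rid, action, s, sw, d, dw in parse_acl(acl_text):
        if _match(_ip(src), s, sw) and _match(_ip(dst), d, dw):
            return action == "permit"
    return False  # no rule matched: the flow is left untranslated

if __name__ == "__main__":
    # Constructed sample flows: (source PC, destination).
    for src, dst in [("192.168.1.10", "8.8.8.8"), ("192.168.1.10", "172.16.1.10")]:
        print(src, "->", dst,
              "| ACL 2000 NAT:", nat_translates(WUHAN_NAT_ACL, src, dst),
              "| fixed ACL NAT:", nat_translates(WUHAN_NAT_ACL_FIXED, src, dst))
```

With the basic ACL from the page, the Wuhan-to-Harbin flow is translated to 222.73.1.2 like any Internet-bound flow, so an IPsec security ACL written for 192.168.0.0/16 to 172.16.0.0/16 would not match it; the same check applies to the Harbin side with the subnets reversed.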

https://support.huawei.com/enterprise/zh/routers/ar2200-pid-6078842?category=configuration-commissioning

Origin blog.51cto.com/7585527/2421050