IPsec Tunnel with DDNS Client Test Scenario using OmniAccess 5740 USG
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
1111
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
CONFIGURATION STEPS
ON OA5740-A
Step 1: IPsec Policy configuration:
a) Configure a match-list
OA5740-A(config)# match-list m1
OA5740-A(config-match-list-m1)#1 ip prefix 192.168.2.0/24
prefix 192.168.1.0/24
b) Configure an IKE policy
OA5740-A(config)# crypto ike policy IKE1
OA5740-A(config-ike-policy-IKE1)# proposal md5-des
OA5740-A(config-ike-policy-IKE1)# ipsec security-association
lifetime seconds 28800
OA5740-A(config-ike-policy-IKE1)# lifetime seconds 86400
OA5740-A(config-ike-policy-IKE1)# pfs group2
c) Configure an IKE Key
OA5740-A(config)# crypto ike key test1234 peer 2.2.2.3
d) Configure a transform set
OA5740-A(config)# crypto ipsec transform-set TS1 esp-md5-des
e) Configure a crypto map
OA5740-A(config)# crypto map cryptomap1 ipsec-ike IKE1
OA5740-A(config-crypto-map-cryptomap1)# peer 2.2.2.3
OA5740-A(config-crypto-map-cryptomap1)# match m1
OA5740-A(config-crypto-map-cryptomap1)# transform-set TS1
OA5740-A(config-crypto-map-cryptomap1)# pfs group2
f) Attach crypto map to the interface
ALU(config)# interface Serial 0/0
ALU(config-if Serial0/0)# crypto map cryptomap1
Step 2: DNS client configuration
a) Enable domain lookup on the OmniAccess 5740 USG.
OA5740-A(config)# ip domain-lookup
b) Specify name server to which the requests are to be sent.
OA5740-A(config)# ip name-server 135.250.20.2 primary
Step 3: DDNS client configuration
a) Configure DDNS method, DDNS protocol type, and DDNS server parameters
for a method.
OA5740-A(config)# ip ddns update method myDdnsObj
OA5740-A(config–ddns-myDdnsObj)# http
OA5740-A(config-ddns-HTTP)# server members.dyndns.org
username myMembername password myMemberPass
To Next Page
Loading...
