DMVPN Configuration Scenarios using OmniAccess 5740 USG
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
901
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
ON OA5740-A (SPOKE)
a) Configure a NHRP object, and parameters under a NHRP object. Configure IP
address of the NHS in a NHRP object, static map entry for NHS and NHS network
identifier.
OA5740-A(config)# ip nhrp alu-dmvpn
OA5740-A(config-nhrp-alu-dmvpn)# nhs 2.2.2.1
OA5740-A(config-nhrp-alu-dmvpn)# map 2.2.2.1 10.1.1.1
OA5740-A(config-nhrp-alu-dmvpn)# network-id 1234
b) IPsec VPN configuration: Configure preshared key, IKE policy, Transform Set.
OA5740-A(config)# crypto ike key top_secret1612 peer 0.0.0.0
OA5740-A(config)# crypto ike policy IKE1
OA5740-A(config-crypto-ike-policy-IKE1)#
OA5740-A(config)# crypto ipsec transform-set TS1 esp-md5-des
c) Configure IPsec Profile
OA5740-A(config)# crypto ipsec profile PF1
OA5740-A(ipsec-profile-PF1)# ike-policy IKE1
OA5740-A(ipsec-profile-PF1)# transform-set TS1
OA5740-A(ipsec-profile-PF1)# pfs group2
d) Configure an interface.
OA5740-A(config)# interface GigabitEthernet 3/0
OA5740-A(config-if GigabitEthernet3/0)# no shutdown
OA5740-A(config-if GigabitEthernet3/0)# ip address 10.1.2.1
e) Configure a tunnel interface.
OA5740-A(config)# interface Tunnel 1
OA5740-A(config-if Tunnel1)# no shutdown
OA5740-A(config-if Tunnel1)# ip address 2.2.2.2
OA5740-A(config-if Tunnel1)# mode multipoint-gre
f) Specify tunnel source, attach the configured IPsec profile and NHRP object to
the tunnel.
OA5740-A(config-if Tunnel1)# tunnel source 10.1.2.1
OA5740-A(config-if Tunnel1)# ipsec-profile PF1
OA5740-A(config-if Tunnel1)# nhrp alu-dmvpn
To Next Page
Loading...
