3.
4.
•
•
•
To view the NHRP records status, use the following command.
Additionally, in the security zone-pair untrusted self, the protocols for the GRE over IPSec tunnel must be
allowed.
esr(config)# security zone-pair untrusted self
esr(config-zone-pair)# rule 10
esr(config-zone-pair-rule)# action permit
esr(config-zone-pair-rule)# match protocol gre
esr(config-zone-pair-rule)# enable
esr(config-zone-pair-rule)# exit
esr(config-zone-pair)# rule 11
esr(config-zone-pair-rule)# action permit
esr(config-zone-pair-rule)# match protocol esp
esr(config-zone-pair-rule)# enable
esr(config-zone-pair-rule)# exit
esr(config-zone-pair)# rule 12
esr(config-zone-pair-rule)# action permit
esr(config-zone-pair-rule)# match protocol ah
esr(config-zone-pair-rule)# enable
esr(config-zone-pair-rule)# exit
esr(config-zone-pair)# exit
9.3 L2TPv3 tunnel configuration
L2TPv3 (Layer 2 Tunnelling Protocol Version 3) is a protocol used for tunneling of 2nd level OSI model packets
between two IP nodes. IP or UDP is used as an encapsulation protocol. L2TPv3 may be used as an alternative
to MPLS P2P L2VPN (VLL) for L2 VPN establishment. In ESR router implemented static unmanageable L2TPv3
tunnels, i.e. tunnels are created manually via configuration on local and remote hosts. Tunnel parameters for
each side should be mutually agreeable, otherwise transferred data will not be decapsulated by the partner.
9.3.1 Configuration algorithm
Step Description Command Keys
1 Configure L3 interface from which a
L2TPv3 tunnel will be built.
2 Create a L2TPv3 tunnel and switch to
its configuration mode.
esr(config)# tunnel l2tpv3 <INDEX> <INDEX> – tunnel identifier, set
in the range of:
for ESR-10/12V(F)/14VF
– [1..10];
for ESR-20/21/100/200 –
[1..250];
for ESR-1000/1200/1500
/1511/1700/3100 –
[1..500].
To Next Page
Loading...
Need help?
General
