390
Table 14 Interface and IP address assignment
Device
Interfac
e
IP address Device Interface IP address
Hub 1 GE2/0/1 1.0.0.1/24 Spoke 1 GE2/0/1 1.0.0.3/24
Tunnel1 192.168.0.1/24 GE2/0/2 192.168.1.1/24
Hub 2 GE2/0/1 1.0.0.2/24 Tunnel1 192.168.0.3/24
Tunnel1 192.168.0.2/24 Spoke 2 GE2/0/1 1.0.0.4/24
AAA server 1.0.0.10/24 GE2/0/2 192.168.2.1/24
Primary server GE2/0/1 1.0.0.11/24 Tunnel1 192.168.0.4/24
Secondary server GE2/0/1 1.0.0.12/24
Configuring the primary VAM server
1. Configure IP addresses for the interfaces. (Details not shown.)
2. Configure AAA:
# Configure RADIUS scheme abc.
<PrimaryServer> system-view
[PrimaryServer] radius scheme abc
[PrimaryServer-radius-abc] primary authentication 1.0.0.10 1812
[PrimaryServer-radius-abc] primary accounting 1.0.0.10 1813
[PrimaryServer-radius-abc] key authentication simple 123
[PrimaryServer-radius-abc] key accounting simple 123
[PrimaryServer-radius-abc] user-name-format without-domain
[PrimaryServer-radius-abc] quit
[PrimaryServer] radius session-control enable
# Configure AAA methods for ISP domain abc.
[PrimaryServer] domain abc
[PrimaryServer-isp-abc] authentication advpn radius-scheme abc
[PrimaryServer-isp-abc] accounting advpn radius-scheme abc
[PrimaryServer-isp-abc] quit
[PrimaryServer] domain default enable abc
3. Configure the VAM server:
# Create ADVPN domain abc.
[PrimaryServer] vam server advpn-domain abc id 1
# Create hub group 0.
[PrimaryServer-vam-server-domain-abc] hub-group 0
# Specify hub private IPv4 addresses.
[PrimaryServer-vam-server-domain-abc-hub-group-0] hub private-address 192.168.0.1
[PrimaryServer-vam-server-domain-abc-hub-group-0] hub private-address 192.168.0.2
# Specify a spoke private IPv4 network.
[PrimaryServer-vam-server-domain-abc-hub-group-0] spoke private-address network
192.168.0.0 255.255.255.0
[PrimaryServer-vam-server-domain-abc-hub-group-0] quit
# Set the pre-shared key to 123456.
[PrimaryServer-vam-server-domain-abc] pre-shared-key simple 123456
# Set the authentication mode to CHAP.
To Next Page
Loading...
