rip 200
version 2
network 10.0.0.0
import-route direct
#
return
3.18.10 Example for Connecting VPN and Internet
By configuring a proxy service in the VPN, you can enable the VPN to interconnect with the
Internet.
Networking Requirements
As shown in Figure 3-11, CE1 and CE2 on the private network can mutually access. Meanwhile
a proxy server with the public network address is attached with CE1. Thus, users of CE1 can
access Internet through this proxy server. In this example, the P device serves as a substitute for
the Internet.
Figure 3-11 Example of enabling VPN users to access the public network
P
PE1
PE2
CE1
CE2
Internet
AS100
GE1/0/0
10.1.1.2/24
GE1/0/0
100.1.1.2/24
GE1/0/0
100.2.1.2/24
GE2/0/0
100.1.1.1/24
GE2/0/0
100.2.1.1/24
GE1/0/0
10.1.1.1/24
GE1/0/0
10.2.1.1/24
GE2/0/0
10.2.1.2/24
Agent Server
AS 65410
AS 65420
Loopback1
1.1.1.1/32
Loopback1
2.2.2.2/32
Loopback1
3.3.3.3/32
vpn1
vpn1
GE2/0/0
100.3.1.2/24
100.3.1.1/24
Configuration Roadmap
In this configuration, configure the L3VPN first. It needs the following static routes:
1. Add a default route on CE1. The next hop is PE1.
2. Add a default route from the VPN device to the Internet on PE1. The next hop is P. Thus,
the traffic of the proxy server can reaches the Internet.
3. Add a static route from the Internet to the proxy server on PE1 and the next hop is CE1.
Use IGP to advertise this route to the Internet, Thus, the traffic of Internet can reaches the
server attached with CE1.
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN 3 BGP MPLS IP VPN Configuration
Issue 01 (2012-04-20) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
226
To Next Page
Loading...
Need help?
General
