EasyManua.ls Logo

Huawei AR1200 Series - Page 332

Huawei AR1200 Series
392 pages
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
# Assign an IP address to the interface of RouterB.
<Huawei> system-view
[Huawei] interface ethernet 1/0/0
[Huawei-Ethernet1/0/0] ip address 202.138.162.1 255.255.255.0
[Huawei-Ethernet1/0/0] quit
Step 2 Configure local IDs and IKE peers on RouterA and RouterB.
# Configure the local ID and IKE peer on RouterA.
[Huawei] ike peer spub v1
[Huawei-ike-peer-spub] pre-shared-key huawei
[Huawei-ike-peer-spub] remote-address 202.138.162.1
[Huawei-ike-peer-spub] quit
NOTE
In aggressive mode, if the value of local-id-type is name, configure the IP address of the remote peer
(remote-address x.x.x.x) on the local end.
# Configure the local ID and IKE peer on RouterB.
[Huawei] ike peer spua v1
[Huawei-ike-peer-spua] pre-shared-key huawei
[Huawei-ike-peer-spua] remote-address 202.138.163.1
[Huawei-ike-peer-spua] quit
Run the display ike peer command on RouterA and RouterB to view the configuration of the
IKE peer. Take the display on RouterA as an example.
[Huawei] display ike peer name spub verbose
----------------------------------------
Peer name : spub
Exchange mode : main on phase 1
Pre-shared-key : huawei
Local ID type : IP
DPD : Disable
DPD mode : Periodic
DPD idle time : 30
DPD retransmit interval : 15
DPD retry limit : 3
Host name :
Peer Ip address : 202.138.162.1
VPN name :
Local IP address :
Remote name :
Nat-traversal : Disable
Configured IKE version : Version one
PKI realm : NULL
Inband OCSP : Disable
----------------------------------------
Step 3 Configure ACLs on RouterA and RouterB to define the data flows to be protected.
# Configure an ACL on RouterA.
[Huawei] acl number 3101
[Huawei-acl-adv-3101] rule permit ip source 10.1.1.0 0.0.0.255 destination 10.1.2.0
0.0.0.255
[Huawei-acl-adv-3101] quit
# Configure an ACL on RouterB.
[Huawei] acl number 3101
[Huawei-acl-adv-3101] rule permit ip source 10.1.2.0 0.0.0.255 destination 10.1.1.0
0.0.0.255
[Huawei-acl-adv-3101] quit
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN 5 IPSec Configuration
Issue 01 (2012-04-20) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
321

Table of Contents

Other manuals for Huawei AR1200 Series

Preview: User Configuration Guide
User Configuration Guide232 pages
Preview: Hardware Description
Hardware Description218 pages
Preview: Usage Guide
Usage Guide69 pages
Preview: Configuration Guide - Wlan
Configuration Guide - Wlan58 pages
Preview: Configuration Guide - Voice
Configuration Guide - Voice65 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual31 pages
Preview: Configuration Guide - Mpls
Configuration Guide - Mpls132 pages
Preview: Brochure
Brochure12 pages

Related product manuals