IP路线配置

Themanaged devices和VPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.分支网络中的浓缩器必须具有IPv4路线，以确定每个设备必须如何达到Mobility Master和itsVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.peers over any intermediate public or private IPv4 networks (underlay routes). Routes are also required to determine the internal networks that must be reached by the branch devices through the overlayVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.tunnels (overlay routes).

Underlay Routes

To reachWANWide Area Network. WAN is a telecommunications network or computer network that extends over a large geographical distance.或者the internet, theVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.Concentrators in data centers can use static routes. In case of privateWANWide Area Network. WAN is a telecommunications network or computer network that extends over a large geographical distance.deployments, the administrators can configure Open Shortest Path First (OSPFOpen Shortest Path First. OSPF is a link-state routing protocol for IP networks. It uses a link-state routing algorithm and falls into the group of interior routing protocols that operates within a single Autonomous System (AS).) routes.

managed devices, however, use the default routes obtained from service providers throughDHCPDynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.或者PPPoEPoint-to-Point Protocol over Ethernet. PPPoE is a method of connecting to the Internet, typically used with DSL services, where the client connects to the DSL modem.. For privateWANWide Area Network. WAN is a telecommunications network or computer network that extends over a large geographical distance.deployments orMPLS多协议标签切换。MPLS协议加快并塑造网络流量流。routing, the administrators can configure static routes.

Overlay Routes

For overlay routes, the administrators can useIKEv2Internet Key Exchange version 2. IKEv2 uses the secure channel established in Phase 1 to negotiate Security Associations on behalf of services such as IPsec. IKEv2 uses pre-shared key and Digital Signature for authentication. See RFC 4306.extensions to dynamically learn networks from each connected branch. The routes can be populated in the forwarding table for eachVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.集中器作为静态路线。这些路线也可以重新分配到OSPFOpen Shortest Path First. OSPF is a link-state routing protocol for IP networks. It uses a link-state routing algorithm and falls into the group of interior routing protocols that operates within a single Autonomous System (AS).. The administrators can define static routes for each destination network andVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.Concentrator, and then configureVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.Concentrators to redistribute routes at different costs to prevent routing loops.

Configuring Static IP Routes

对于使用静态IP路由的覆盖路由，请确保您为每个分支网络和数据中心定义静态路由，如下所示：

每个分支网络的静态路线必须在router in the data center.

每个分支网络的静态路线必须在VPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.每个远程网络，同行和链接的集中器。

Static routes for each data center or a hub site must be defined for eachmanaged device.

创建静态IP路由

To configure a static IP route, perform the following steps in the WebUI:

1.In the托管网络node hierarchy, navigate toConfiguration> Interfaces > IP Routestab.

2.ExpandIP Routes和click+to add a static route to a destination network or host.

3.Enter the IP address andNetMaskNetmask is a 32-bit mask used for segregating IP address into subnets. Netmask defines the class and range of IP addresses.为了Destination IP address和Destination network mask, respectively.

4.Configure a forwarding setting:

Using Forwarding Router Address—Enter the next hop IP address in dotted decimal format (A.B.C.D). You can also enter the distance metric (cost) for this route. The cost prioritizes routing to the destination. The lower the cost, the higher the priority.

Using IPsec Tunnel to VPNC—Select theVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.Concentrator and the uplink to use. Select this option for a Hub and SpokeVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.configuration. For more information, seeHub and Spoke VPN Configuration.

Using Site-to-Site IPsec—Enter theipsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.静态使用的地图名称ipsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.route map. Select this option for a site-to-siteVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.. For more information, seeWorking with Site-to-Site VPNs.

Using Null Interface—Designate a null interface.

5.Specify a value for theCost.

6.ClickSubmit.