ArubaOS 8.6.0.0Help Center

Configuring流动性的主人in VPNC Topology

In a VPNC based topology, themanaged devicesdo not directly establishIPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.tunnel with流动性的主人s. Themanaged devicesestablishIPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.tunnel with VPNC which in turn establishesIPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.tunnel with the流动性的主人.ArubaOSnow provides support to establish IPv6 tunnel betweenmanaged devicesto VPNC and between VPNC to流动性的主人s. The VPNC acts as passthrough for both IPv4 as well as IPv6 communication between流动性的主人andmanaged device.

You can establish an IPv4IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.tunnel between amanaged deviceand VPNC while having IPv6IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.tunnel between VPNC and流动性的主人in a network deployment. However, you cannot have an IPv6IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.tunnel betweenmanaged deviceand VPNC while having IPv4IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.tunnel between VPNC and流动性的主人.

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands establishIPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.tunnel between VPNC and themanaged deviceby adding peer details of themanaged deviceon the VPNC:

(host)[mynode](config) #change-config-node /md

(host)[md](config) #vpn-peer peer-mac 00:0b:86:9a:6b:37 cert-auth factory-cert

(host)[md](config) #vpn-peer peer-mac 00:0b:86:9a:6b:37 pre-share-key aruba123

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.命令添加流动性的主人details:

(host)[md](config) #change-config-node /mm

(host)[mm](config) #local-peer-mac 00:0b:86:9a:6b:37 ipsec aruba@123

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.command configures primary流动性的主人in VPNC topology:

(MM-Primary) [md] (config) #masteripv6 vpn-ipv6 ipsec | ipsec-factory-cert | ipsec-custom-cert ] [ peer-mac-1 ] [ peer-mac-2 interface vlan masteripv4

(MM-Primary) [md] (config) #write memory

The following sampleCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands configure the primary流动性的主人:

(MM-Primary) [md] (config) #masteripv6 2001:1001::201 vpn-ipv6 2001:1001::204 ipsec aruba123 peer-id interface vlan masteripv4

(MM-Primary) [md] (config) #write memory

The following sampleCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands configure the secondary流动性的主人:

(MM-Backup) [md] (config) #secondary masteripv6 2001:1001::203

(MM-Backup) [md] (config-submode)##ipsec aruba123 vpn-ipv6 2001:1001::205 same as above

(MM-Backup) [md] (config) #write memory

/*]]>*/
Baidu