Specifications
VPN Site-to-Site Sample Configuration
XSR Getting Started Guide 3-27
XSR(config-if<D1>)#di pool 1
+ Specifies the dial pool from which calls originate
XSR(config-if<D1>)#no shutdown
+ Enables the dial interface
Configure SNMP
ACL 26 is created to be permit SNMP traffic from host 192.168.2.32. Stricter ACLs can be written if
tighter security controls are required.
XSR(config)#access-list 26 permit host 192.168.2.32
XSR(config)#snmp-server community toMonitor1 ro 26
+
Adds an SNMP community with read-only privileges attached to ACL 26
XSR(config)#snmp-server community toConfigure1 rw 26
+ Adds another SNMP community with read-write privileges attached to ACL 26
XSR(config)#snmp-server enable traps
+ Enables traps to be transmitted
XSR(config)#snmp-server contact support@enterasys.com
+ Specifies contact information for the management server
XSR(config)#snmp location “HQ 2nd floor”
+ Specifies the server locationr
XSR(config)#snmp-server host 192.168.2.101 traps trapCommunity
+ Specifies management station to send traps to
XSR(config)#snmp-server host 192.168.2.102 traps trapCommunity
+
Specifies another management station to send traps to
VPN Site-to-Site Sample Configuration
The following VPN topology, shown in Figure 3-5, configures a central site XSR to connect over
IPSec tunnels with a remote ANG-1105 and two XSRs.
Figure 3-5 VPN Site-to-Site Topology
S
E
C
U
R
I
T
Y
R
O
U
T
E
R
S
S
E
C
U
R
I
T
Y
R
O
U
T
E
R
S
S
E
C
U
R
IT
Y
R
O
U
T
E
R
S
112.16.244.10
Gateway IP address
for all remote sites
Branch Sites
XSR-1850
ANG-1105
XSR-1850
Firewall
112.16.244.9
112.16.244.7
112.16.244.5
112.16.72.2
112.16.80.2
XSR-1850
112.16.76.2
112.16.1.221
Central Site