Manualshelf

User`s guide

ManualsBrandsEnterasys ManualsComputer equipmentANG-3000
311312313314315316317318319320
280 XSR Users Guide
Configuration Examples Chapter 11
Configuring the Virtual Private Network
XSR(config-int-vpn)#firewall disable
XSR(config-int-vpn)#ip address 10.120.70.1 255.255.255.0
XSR(config-int-vpn)#ip ospf priority 10
XSR(config-int-vpn)#ip ospf network nbma
Add a default route to the next hop Internet gateway:
XSR(config)#ip route 0.0.0.0 0.0.0.0 141.154.196.93
Define an IP pool for distribution of tunnel addresses to all client types:
XSR(config)#ip local pool test 10.120.70.0/24
Create hosts to resolve hostnames for the certificate servers for CRL retrieval:
XSR(config)#ip host parentca 141.154.196.89
XSR(config)#ip host childca2 141.154.196.81
XSR(config)#ip host childca1 141.154.196.83
Clear the DF bit globally:
XSR(config)#crypto ipsec df-bit clear
Enable the OSPF engine, VPN and FastEthernet 1 interfaces for routing:
XSR(config)#router ospf 1
XSR(config-router)#network 10.120.70.0 0.0.0.255 area 5.5.5.5
XSR(config-router)#network 10.120.112.0 0.0.0.255 area 5.5.5.5
Create a group for NEM and Client mode users:
XSR(config)#aaa group sohoclient
XSR(aaa-group)#dns server primary 10.120.112.220
XSR(aaa-group)#dns server secondary 0.0.0.0
XSR(aaa-group)#wins server primary 10.120.112.220
XSR(aaa-group)#wins server secondary 0.0.0.0
XSR(aaa-group)#ip pool test
XSR(aaa-group)#pptp compression
XSR(aaa-group)#pptp encrypt mppe 128
XSR(aaa-group)#l2tp compression
XSR(aaa-group)#policy vpn
Define a group for remote access XP users including DNS and WINs servers,
an IP pool, PPTP and L2TP values, and client VPN permission:
XSR(config)#aaa group XPusers
XSR(aaa-group)#dns server primary 10.120.112.220