erx2:vrA(config-if)#
tunnel peer-identity subnet 10.3.0.0 255.255.0.0
erx2:vrA(config-if)#
tunnel source 5.2.0.1
erx2:vrA(config-if)#
tunnel destination 5.3.0.1
erx2:vrA(config-if)#
ip address 10.3.0.0 255.255.0.0
erx2:vrA(config-if)#
exit
Virtual router B:
erx2(config)#
virtual-router vrB
erx2:vrB(config)#
Tunnel from Boca to Ottawa on virtual router B:
erx2:vrB(config)#
interface tunnel ipsec:Bboca2ottawa transport-virtual-router
default
erx2:vrB(config-if)#
tunnel transform-set customerBprotection
erx2:vrB(config-if)#
tunnel local-identity subnet 10.2.0.0 255.255.0.0
erx2:vrB(config-if)#
tunnel peer-identity subnet 10.1.0.0 255.255.0.0
erx2:vrB(config-if)#
tunnel source 5.2.0.2
erx2:vrB(config-if)#
tunnel destination 5.1.0.2
erx2:vrB(config-if)#
ip address 10.1.0.0 255.255.0.0
erx2:vrB(config-if)#
exit
Tunnel from Boca to Boston on virtual router B:
erx2:vrB(config)#
interface tunnel ipsec:Bboca2boston transport-virtual-router
default
erx2:vrB(config-if)#
tunnel transform-set customerBprotection
erx2:vrB(config-if)#
tunnel local-identity subnet 10.2.0.0 255.255.0.0
erx2:vrB(config-if)#
tunnel peer-identity subnet 10.3.0.0 255.255.0.0
erx2:vrB(config-if)#
tunnel source 5.2.0.2
erx2:vrB(config-if)#
tunnel destination 5.3.0.2
erx2:vrB(config-if)#
ip address 10.3.0.0 255.255.0.0
erx2:vrB(config-if)#
exit
5.
Last, on erx3, create two IPSec tunnels, one to carry customer A's traffic and
another to carry customer B's traffic.
Virtual router A:
erx3(config)#
virtual-router vrA
erx3:vrA(config)#
Tunnel from Boston to Ottawa on virtual router A:
erx3:vrA(config)#
interface tunnel ipsec:Aboston2ottawa transport-virtual-router
default
erx3:vrA(config-if)#
tunnel transform-set customerAprotection
erx3:vrA(config-if)#
tunnel local-identity subnet 10.3.0.0 255.255.0.0
erx3:vrA(config-if)#
tunnel peer-identity subnet 10.1.0.0 255.255.0.0
erx3:vrA(config-if)#
tunnel source 5.3.0.1
erx3:vrA(config-if)#
tunnel destination 5.1.0.1
erx3:vrA(config-if)#
ip address 10.1.0.0 255.255.0.0
erx3:vrA(config-if)#
exit
Tunnel from Boston to Boca on virtual router A:
Configuration Examples
■
167
Chapter 5: Configuring IPSec
Содержание JUNOSE 11.0.X IP SERVICES
Страница 6: ...vi...
Страница 8: ...viii JUNOSe 11 0 x IP Services Configuration Guide...
Страница 18: ...xviii Table of Contents JUNOSe 11 0 x IP Services Configuration Guide...
Страница 20: ...xx List of Figures JUNOSe 11 0 x IP Services Configuration Guide...
Страница 22: ...xxii List of Tables JUNOSe 11 0 x IP Services Configuration Guide...
Страница 28: ...2 Chapters JUNOSe 11 0 x IP Services Configuration Guide...
Страница 138: ...112 Monitoring J Flow Statistics JUNOSe 11 0 x IP Services Configuration Guide...
Страница 286: ...260 Monitoring IP Tunnels JUNOSe 11 0 x IP Services Configuration Guide...
Страница 312: ...286 Monitoring IP Reassembly JUNOSe 11 0 x IP Services Configuration Guide...
Страница 357: ...Part 2 Index Index on page 333 Index 331...
Страница 358: ...332 Index JUNOSe 11 0 x IP Services Configuration Guide...
