AP-VPN Deployment
20.2 Configuring AP and Controller for AP-VPN Operations
SCALANCE W1750D UI
334
Configuration Manual, 02/2018, C79000-G8976-C451-02
20.2.2
Configuring a Controller for AP-VPN Operations
Controllers provide an ability to terminate the IPsec and GRE VPN tunnels from the AP and
provide corporate connectivity to the branch network.
For AP-VPN operations, ensure that the following configuration and verification procedures
are completed on the controller:
●
OSPF Configuration
●
VPN Configuration
●
Branch-ID Allocation
●
Branch Status Verification
Note
This section describes the configuration procedures for the controller to realize generic use
cases. For information on specific deployment scenarios, see AP-VPN Deployment
OSPF Configuration
Open Shortest Path First (OSPF) is a dynamic Interior Gateway routing Protocol (IGP) based
on IETF RFC 2328. The premise of OSPF is that the shortest or fastest routing path is used.
The implementation of OSPFv2 allows controllers to deploy effectively in a Layer 3 topology.
The controllers can act as the default gateway for all clients and forward user packets to the
upstream router.
Each AP-VPN can be defined a separate subnet derived from the corporate intranet pool to
allow AP-VPN devices to work independently
To redistribute AP-VPN routes into the OSPF process:
(scalance)(config) # router ospf redistribute rapng-vpn
To verify if the redistribution of the AP-VPN is enabled:
(scalance) #show ip ospf redistribute
To configure aggregate route for AP-VPN routes:
(scalance) (config) # router ospf aggregate-route rapng-vpn
To view the aggregated routes for AP-VPN routes:
(scalance) #show ip ospf rapng-vpn aggregate-routes RAPNG VPN aggregate routes
--------------------------
Prefix Mask Contributing routes Cost
------ ---- ------------------- ---- 201.201.200.0 255.255.252.0 5 268779624
100.100.2.0 255.255.255.0 1 10
To verify the details of a configured aggregated route:
(scalance) # show ip ospf rapng-vpn aggregated-routes <net> <mask>
Содержание SCALANCE W1750D UI
Страница 18: ...About this guide SCALANCE W1750D UI 18 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 28: ...About SCALANCE W 3 3 SCALANCE W CLI SCALANCE W1750D UI 28 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 108: ...IPv6 Support 10 4 Debugging Commands SCALANCE W1750D UI 108 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 326: ......
Страница 356: ......
Страница 374: ......
Страница 416: ......
Страница 440: ......
Страница 450: ...Intrusion Detection 27 4 Configuring IDS SCALANCE W1750D UI 450 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 470: ......
Страница 480: ......
Страница 496: ......
Страница 518: ...Hotspot Profiles 33 3 Sample Configuration SCALANCE W1750D UI 518 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 528: ......
Страница 552: ......
Страница 570: ...Appendix B 3 Glossary SCALANCE W1750D UI 570 Configuration Manual 02 2018 C79000 G8976 C451 02 ...