No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R011C10 Configuration Guide - VPN

This document describes the VPN configuration procedures and provides configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Ethernet over GRE to Enable Layer 2 Communication Between an AC and a Wireless Gateway

Example for Configuring Ethernet over GRE to Enable Layer 2 Communication Between an AC and a Wireless Gateway

Networking Requirements

Figure 1-21 shows typical networking in a wireless city project. APs provide wireless user access; SwitchA functions as the AC to provide AP access and user authentication; the WLAN GW functions as a user gateway to provide functions including IP address assignment and Internet access. There are a large number of APs at this site. To prevent a lot of resources from being consumed by frequent establishment and deletion of many GRE tunnels on the WLAN GW, Ethernet over GRE can be configured between the AC and WLAN GW for Layer 2 communication.

Figure 1-21  Configuring Ethernet over GRE for Layer 2 communication between an AC and a wireless gateway

Configuration Roadmap

NOTE:

This example provides only AC-side (SwitchA's) Ethernet over GRE configuration. For the WLAN configuration and WLAN GW's Ethernet over GRE configuration, see the corresponding configuration document.

To meet the preceding requirements, you need to deploy an Ethernet over GRE tunnel between SwitchA and the WLAN GW so that Ethernet packets can be forwarded from a VE interface over a GRE tunnel. This enables Layer 2 communication between the AC and WLAN GW.

The configuration roadmap for deploying an Ethernet over GRE tunnel on the AC is as follows:

  1. Run IGP between all devices for communication on the public network.

  2. Create tunnel interfaces and deploy a GRE tunnel on SwitchA.

  3. Create a VE interface on SwitchA and add this interface to the corresponding VLAN.

  4. On SwitchA, bind the VE interface to the GRE tunnel so that Ethernet packets can be forwarded over the GRE tunnel.

Procedure

  1. Configure an IP address for each physical interface.

    # Configure SwitchA.

    <HUAWEI> system-view
    [HUAWEI] sysname SwitchA
    [SwitchA] vlan batch 10 30
    [SwitchA] interface gigabitethernet 1/0/0
    [SwitchA-GigabitEthernet1/0/0] port link-type trunk
    [SwitchA-GigabitEthernet1/0/0] port trunk allow-pass vlan 10
    [SwitchA-GigabitEthernet1/0/0] quit
    [SwitchA] interface gigabitethernet 2/0/0
    [SwitchA-GigabitEthernet2/0/0] port link-type access
    [SwitchA-GigabitEthernet2/0/0] port default vlan 30
    [SwitchA-GigabitEthernet2/0/0] quit
    [SwitchA] interface vlanif 10
    [SwitchA-Vlanif10] ip address 20.1.1.1 24
    [SwitchA-Vlanif10] quit

  2. Configure tunnel interfaces and deploy a GRE tunnel. In the following configuration, the source and destination interface addresses of the GRE tunnel are 20.1.1.1 and 30.1.1.2 respectively.

    # Configure SwitchA.

    [SwitchA] interface tunnel 1
    [SwitchA-Tunnel1] tunnel-protocol gre
    [SwitchA-Tunnel1] ip address 40.1.1.1 255.255.255.0
    [SwitchA-Tunnel1] source 20.1.1.1
    [SwitchA-Tunnel1] destination 30.1.1.2
    [SwitchA-Tunnel1] quit

  3. Create a VE interface and add it to the corresponding VLAN. Ensure that this VE interface and the inbound interface of user packets are added to the same VLAN.

    # Configure SwitchA.

    [SwitchA] interface Virtual-Ethernet1/0/1
    [SwitchA-Virtual-Ethernet1/0/1] portswitch
    [SwitchA-Virtual-Ethernet1/0/1] port link-type trunk
    [SwitchA-Virtual-Ethernet1/0/1] undo port trunk allow-pass vlan 1
    [SwitchA-Virtual-Ethernet1/0/1] port trunk allow-pass vlan 30
    [SwitchA-Virtual-Ethernet1/0/1] quit

  4. Bind the VE interface to GRE tunnel so that Ethernet packets can be forwarded over the GRE tunnel.

    # Configure SwitchA.

    [SwitchA] interface tunnel 1
    [SwitchA-Tunnel1] map interface virtual-ethernet 1/0/1
    [SwitchA-Tunnel1] quit

  5. Verify the Configuration

    After the configuration is complete, wireless users can communicate with the WLAN GW at Layer 2. Through this WLAN GW, wireless user traffic can be forwarded at Layer 3 and wireless users can access the public network.

Configuration Files

  • SwitchA configuration file

    #
    sysname SwitchA
    #
    vlan batch 10 30
    #
    interface Vlanif10
     ip address 20.1.1.1 255.255.255.0
    #
    interface GigabitEthernet1/0/0
     port link-type trunk
     port trunk allow-pass vlan 10
    #
    interface GigabitEthernet2/0/0
     port link-type access
     port default vlan 30
    #
    interface Virtual-Ethernet1/0/1
     portswitch
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 30
    #
    interface Tunnel1
     ip address 40.1.1.1 255.255.255.0
     tunnel-protocol gre
     source 20.1.1.1
     destination 30.1.1.2
     map interface virtual-ethernet 1/0/1
    #
    return
Translation
Download
Updated: 2019-04-01

Document ID: EDOC1000178118

Views: 159645

Downloads: 159

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next