No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Interoperation Configuration Guide

AR Router

This document provides cases for connecting AR enterprise routers to devices of other vendors.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Precautions

Precautions

  • DSVPN is a Huawei proprietary protocol. When the AR connects to a non-Huawei device using DSVPN, there may be legal risks. Contact Huawei local office and report it to the Legal Affairs Dept in advance.
  • The DSVPN function on some models requires a license. By default, the DSVPN function cannot be used on the AR. To use the DSVPN function, contact Huawei local office or apply for and purchase the license from Huawei local office.
  • NAT traversal cannot be implemented on a DSVPN network if two branches use the same NAT device and their private network addresses are translated to the same public network address.
  • When DSVPN branches establish a tunnel, NAT traversal cannot be implemented if different NAT devices exist between two branches and Port Address Translation (PAT) is enabled on the NAT devices.
  • The NAT devices must have NAT server or static NAT configured. NAT traversal cannot be implemented if inbound or outbound NAT is configured on the NAT devices.
  • Precautions for DSVPN route deployment:
    • Configuring static routes
  • Non-shortcut

    You need to configure static routes between the Hub and Spoke and between Spokes and specify the peer tunnel address as the next-hop address.

  • Shortcut

    You need to configure static routes on the Hub and Spokes. The next-hop address of the Hub is the peer tunnel address of a Spoke, and the next-hop address of a Spoke is the tunnel address of the Hub.

    • Configuring dynamic routes

    Scenario

    RIP

    OSPF

    BGP

    Non-shortcut

    Disable split horizon and automatic route summarization on the mGRE interface of the Hub.

    Run the ospf network-type broadcast command to set the OSPF network type to broadcast on the Hub and Spokes.

    Do not configure route summarization on the Hub.

    Shortcut

    Enable split horizon and automatic route summarization on the mGRE interface of the Hub.

    Run the ospf network-type p2mp command to set the OSPF network type to P2MP on the Hub and Spokes.

    Configure route summarization on the Hub.

  • The commands used to configure IKE peers and the IKE protocol differ depending on the software version.
    • In earlier versions of V200R008:

      ike peer peer-name [ v1 | v2 ]

    • In V200R008 and later versions:

      • To configure IKE peers: ike peer peer-name

      • To configure the IKE protocol: version { 1 | 2 }

        By default, IKEv1 and IKEv2 are enabled simultaneously. An initiator uses IKEv2 to initiate a negotiation request, while a responder uses IKEv1 or IKEv2 to respond. To initiate a negotiation request using IKEv1, run the undo version 2 command.

  • In V200R008 and later versions, the device does not support the remote-name command. This command provides teh same function as the remote-id command.
  • In V200R008 and later versions, the device does not support the local-id-type name command. This command provides teh same function as the local-id-type fqdn command.
  • Configure pre-shared key:

    • In V200R003C00 and later versions: The command format is pre-shared-key { simple | cipher } key.
    • In V200R003C00 and earlier versions: The command format is pre-shared-key key.
Translation
Download
Updated: 2019-05-17

Document ID: EDOC1100034005

Views: 27574

Downloads: 501

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next