No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - IP Service

AR100, AR120, AR160, AR1200, AR2200, AR3200, and AR3600 V300R003

This document describes the concepts and configuration procedures of IP Service features on the device, and provides the configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring a DDNS Client (Using the Update Mode Implemented Through the Siemens DDNS Server)

Example for Configuring a DDNS Client (Using the Update Mode Implemented Through the Siemens DDNS Server)

Networking Requirements

In Figure 4-11, Router can function as a web server to provide web services for network users and users can access the web server by sending DNS requests. The domain name of the web server is www.abc.com, corresponding to the IP address of GE1/0/0 on Router.

The IP address of GE1/0/0 on Router may change. As a result, if the mapping relationship between the web server's domain name and the IP address is not updated in time on the DNS server, a user access error may occur. To solve this problem, the administrator configures the DDNS client function and uses the Siemens DDNS server, ensuring that the web server's domain name on the DNS server corresponds to the latest IP address.

There are reachable routes among Router, the DNS server, and the DDNS server and the administrator has implemented user registration on the DDNS server.

Figure 4-11  Networking diagram for configuring the DDNS client

Configuration Roadmap

Create a DDNS policy on Router and bind the policy to Router, so that Router can send a request for dynamically updating DNS entries if the IP address of GE1/0/0 on Router changes.

Procedure

  1. Configure Router.

    # Configure a client SSL policy siemens. Assume that the SSL policy uses the default protocol version and cipher suite

    <Huawei> system-view
    [Huawei] sysname Router
    [Router] pki entity siemens
    [Router-pki-entity-siemens] common-name hello
    [Router-pki-entity-siemens] country cn
    [Router-pki-entity-siemens] state jiangsu
    [Router-pki-entity-siemens] organization huawei
    [Router-pki-entity-siemens] organization-unit info
    [Router-pki-entity-siemens] quit
    [Router] pki realm siemens
    [Router-pki-realm-siemens] entity siemens
    [Router-pki-realm-siemens] ca id ca_root
    [Router-pki-realm-siemens] enrollment-url http://10.137.145.158:8080/certsrv/mscep/mscep.dll ra
    [Router-pki-realm-siemens] fingerprint sha1 7bb05ada0482273388ed4ec228d79f77309ea3f4
    [Router-pki-realm-siemens] auto-enroll regenerate
    [Router-pki-realm-siemens] quit
    [Router] ssl policy siemens type client
    [Router-ssl-policy-siemens] server-verify enable
    [Router-ssl-policy-siemens] pki-realm siemens
    [Router-ssl-policy-siemens] quit
    

    # Create and configure a DDNS policy.

    <Huawei> system-view
    [Huawei] sysname Router
    [Router] ddns policy mypolicy
    [Router-ddns-policy-mypolicy] method vendor-specific
    [Router-ddns-policy-mypolicy] url https://10.2.1.3/nic/update?group=med&user=<username>&password=<password>&myip=<a> username huawei_test password 12345
    [Router-ddns-policy-mypolicy] ssl-policy siemens
    [Router-ddns-policy-mypolicy] quit
    NOTE:
    • During the configuration, replace 10.2.1.3 with the DDNS server IP address of Siemens.
    • By default, the update mode of the DDNS client is vendor-specific. If the default update mode of the device is not modified using the method command, you do not need to run the method vendor-specific command.
    # Bind the DDNS policy to GE1/0/0.
    [Router] interface gigabitethernet 1/0/0
    [Router-GigabitEthernet1/0/0] ddns apply policy mypolicy fqdn www.abc.com
    [Router-GigabitEthernet1/0/0] quit
    
    NOTE:

    When the configuration is complete and the IP address of GE1/0/0 changes, Router notifies the DNS server to update the mapping relationship between the domain name www.abc.com and the IP address, ensuring that users can obtain the latest IP address by parsing the domain name www.abc.com.

  2. Verify the configuration.

    # Run the display ddns policy mypolicy command on Router to check information about the DDNS policy named mypolicy.

    <Router> display ddns policy mypolicy
     Policy name          : mypolicy                                                      
     Server               : https://10.2.1.3/nic/update?group=med&user=<username>&password=<password>&myip=<a>                                      
     User name            : huawei_test                                             
     Password             : ******                                                  
     SSL policy           : siemens                                                 
     Update method        : vendor-specific                                         
     Update interval      : 3600 seconds 

    # Run the display ddns interface gigabitethernet 1/0/0 command on Router to check information about the DDNS policy of GigabitEthernet1/0/0.

    <Router> display ddns interface  gigabitethernet 1/0/0
     Policies applied on interface GigabitEthernet0/0/1 :                           
     ------------------------------------------------------------------------------ 
     Policy name          : mypolicy                                                      
     Server               : https://10.2.1.3/nic/update?group=med&user=<username>&password=<password>&myip=<a>
     User name            : huawei_test                                             
     Password             : ******                                                  
     SSL policy           : siemens                                                 
     Update method        : vendor-specific                                         
     Update interval      : 3600 seconds                                            
     Current status       : ESTABLISH                                                 
     Client FQDN          : www.abc.com                  
     Client IP            : 192.168.10.1                                              
     Server IP            : -                                                       
     Last update time     : 2015-07-23 07:28:53                                     
     Last update result   : Success

Configuration File

  • Configuration file of Router

    #
     sysname Router
    #                                                                               
    pki entity siemens                                                              
     country CN                                                                     
     state jiangsu                                                                  
     organization huawei                                                            
     organization-unit info                                                         
     common-name hello                                                              
    #                                                                               
    pki realm siemens                                                               
     ca id ca_root                                                                  
     enrollment-url http://10.137.145.158:8080/certsrv/mscep/mscep.dll ra           
     entity siemens                                                                 
     auto-enroll regenerate                                                         
     fingerprint sha1 7bb05ada0482273388ed4ec228d79f77309ea3f4      
    #                                                                               
    ssl policy siemens type client                                                  
     pki-realm siemens                                                              
     server-verify enable   
    #
    ddns policy mypolicy 
     url https://10.2.1.3/nic/update?group=med&user=<username>&password=<password>&myip=<a> username huawei_test password %^%#o:2u<@1H~VkNyxJdJ.B=I\(V@2D=}Ht`G'0]mlAL%^%#
     ssl-policy siemens
    #
    interface GigabitEthernet1/0/0
     ddns apply policy mypolicy fqdn www.abc.com 
    #
    return
    
Translation
Download
Updated: 2019-03-06

Document ID: EDOC1100069333

Views: 36975

Downloads: 188

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next