Networking Requirements

The HQ router is deployed on the LAN, mapping is configured on the egress of the LAN, and users in the branch access the HQ router in dialup mode.

Network Topology

Configuration Key Points

1. Configure the LAN gateway router A in the HQ as the IPsec server.
2. Configure router B in the branch as the IPsec client.
3. Keep parameter settings at both ends consistent. The parameter settings in this case are as follows:
   Authentication mode: preshared key, with the key set to ruijie.
   IKE algorithm: 3DES-MD5, DH2
   IPsec negotiation scheme: ESP(3DES-MD5)
4. Configure NAT mapping on the outermost egress of the HQ and establish an IPsec connection on the LAN gateway.

Configuration Steps

1. Ensure that the basic configuration of the EG device and the routers in both the HQ and the branch is normal, and that LAN users at both ends can access the WAN.
2. Configure router B in the branch.
   Choose Network > VPN and click Configure.
   Select Branch and click Next.
   Configure an IPsec policy, set the public IP address of the HQ router to the IP address obtained after NAT, and click Next.
   (5) Click Finish.
4. IPsec uses UDP ports 500 and 4500. Map UDP ports 500 and 4500 on the egress of the HQ respectively to UDP ports 500 and 4500 of the LAN EG device.
   (1) Map UDP port 500.
       ip nat inside source static udp 10.0.0.1 500 1.1.1.1 500
   (2) Map UDP port 4500.
       ip nat inside source static udp 10.0.0.1 4500 1.1.1.1 4500

Configuration Verification

Choose Network > VPN and click the Topo tab to view the configuration.
Configuration of the HQ router:
Configuration of the branch router:
Check whether the HQ router and branch router can access each other.
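
The port-mapping step above can be checked offline before testing the tunnel. The following is an added example, not part of the original guide or Ruijie's tooling: it parses static mappings in the form shown on this page and reports a missing, mistyped or split UDP 500/4500 mapping. The function name and the sample configuration text are assumptions made for illustration.

```python
import re

# Constructed sample: the two mapping commands from the page, as they would
# appear in the configuration of the HQ egress device.
EGRESS_CONFIG = """\
ip nat inside source static udp 10.0.0.1 500 1.1.1.1 500
ip nat inside source static udp 10.0.0.1 4500 1.1.1.1 4500
"""

# Matches only the static port-mapping form shown on the page.
NAT_RE = re.compile(
    r"^\s*ip nat inside source static (tcp|udp) (\S+) (\d+) (\S+) (\d+)\s*$",
    re.MULTILINE,
)
IPSEC_PORTS = {500, 4500}  # the two UDP ports the page says IPsec uses


def check_ipsec_mappings(config, public_ip):
    """Return a list of problems with the IPsec mappings for public_ip.

    public_ip is the post-NAT address entered on the branch router as the
    public IP address of the HQ router (hypothetical helper, not a vendor API).
    """
    problems = []
    inside_by_port = {}
    for proto, inside, in_port, outside, out_port in NAT_RE.findall(config):
        if outside != public_ip or int(out_port) not in IPSEC_PORTS:
            continue  # mapping unrelated to this IPsec peer address
        if proto != "udp":
            problems.append(f"port {out_port} is mapped as {proto}, not udp")
            continue
        if in_port != out_port:
            problems.append(f"UDP {out_port} is translated to port {in_port}")
        inside_by_port[int(out_port)] = inside
    for port in sorted(IPSEC_PORTS - set(inside_by_port)):
        problems.append(f"UDP {port} is not mapped on {public_ip}")
    if len(set(inside_by_port.values())) > 1:
        problems.append("UDP 500 and 4500 map to different inside hosts")
    return problems


if __name__ == "__main__":
    for line in check_ipsec_mappings(EGRESS_CONFIG, "1.1.1.1") or ["mappings OK"]:
        print(line)
```

An empty result means both ports reach the same LAN gateway on the address the branch dials; a mapping for only UDP 500 is the case that lets negotiation start but fails once the peers switch to UDP 4500.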