Brocade-communications-systems RFS6000 Uživatelský manuál Strana 244
- Strana / 839
- Tabulka s obsahem
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
242 Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
53-1001931-01
Global Configuration commands
5
RFController(config)#crypto isakmp client configuration group default
RFController(config-crypto-group)#dns 10.1.1.1
RFController(config-crypto-group)#wins 10.1.1.1
5. Specify the authentication type.
RFController(config)# aaa vpn-authentication local
RFController(config)# local username harry password brocade123
6. Create a transform set.
RFController(config)#crypto ipsec transform-set windows esp-3des esp-sha-hmac
RFController(config-crypto-ipsec)#mode transport
7. Specify a dynamic crypto map.
RFController(config)#crypto map TestMap 30 ipsec-isakmp dynamic
RFController(config-crypto-map)#set peer 0.0.0.0
RFController(config-crypto-map)#match address 101
RFController(config-crypto-map)#set transformset windows
RFController(config-crypto-map)#set remote-type ipsec-l2tp
8. Apply the crypto map to interface vlan2.
RFController(config)#interface vlan2
RFController(config-if)cryto map TestMap
9. Upon a successful connection, the XP client will obtain a virtual IP address.
Use Case 2: Configuring Site-to-Site VPN
Intranets use unregistered addresses connected over the public internet by site-to-site VPN. In this
scenario, NAT is required for the connections to the public internet. However NAT is not required for
traffic between the two intranets, which can be transmitted using a VPN tunnel over the public
Internet.
The site-to-site VPN allows branch office mobility controllers to connect back to the central office
using a secure, encrypted tunnel, for all site-to-site traffic. This allows a wired LAN in the branch
office to bridge directly to the central site while maintaining full security.
This example requires two controllers. It can be configured with the following commands:
- Brocade Mobility RFS4000 1
- RFS6000 and RFS7000 1
- Document History 2
- About This Document 13 3
- 1 Introduction 21 3
- 2 Common Commands 31 3
- 3 User Exec Commands 155 4
- 6 Crypto-isakmp Instance 327 6
- 14 Extended ACL Instance 449 9
- 15 Standard ACL Instance 471 9
- 17 DHCP Server Instance 507 10
- 18 DHCP Class Instance 543 10
- 19 Radius Server Instance 555 10
- 23 RFID Instance 739 13
- 24 SOLE Instance 753 13
- 25 Smart RF Instance 767 13
- About This Document 15
- How to use this guide 16
- Document conventions 17
- Command syntax conventions 19
- Notice to the reader 20
- Web support sites 21
- 1Introduction 23
- CLI Modes 24
- Command Description 27
- Basic conventions 28
- Deleting entries 30
- Command output pagination 31
- Controlling Capitalization 31
- 2Common Commands 33
- Common commands 38
- – high temperature limit 41
- – low temperature limit 41
- – URL to which to copy 41
- Display 62
- Usage Guidelines 67
- 000 msec, dispersion 0.00 86
- 53-1001931-01 100
- • Mobility RFS7000 Controller 106
- • Mobility RFS4000 Controller 106
- • Mobility RFS6000 Controller 107
- Common Commands 126
- User exec commands 158
- Parameters 160
- 4Privileged Exec Commands 171
- TABLE 4 Priv Exec Commands 172
- Priv Exec command 175
- If Untar fails..? 175
- Global Configuration Commands 219
- Global Configuration commands 220
- Global Config Commands 220
- {authport <1024-65535>} 222
- (config)# 239
- (config)# crypt-map instance 239
- WID, using (config)# mode 260
- • 0 – Disables aging 268
- 6Crypto-isakmp Instance 329
- Crypto ISAKMP config commands 342
- 7Crypto-group Instance 343
- Crypto Group config commands 351
- 8Crypto-peer Instance 353
- Crypto Peer config commands 362
- 9Crypto-ipsec Instance 363
- Crypto IPSec config commands 370
- 10Crypto-map Instance 373
- Crypto Map config commands 379
- [ipaddress 383
- <host name>] 383
- 11Crypto-trustpoint Instance 389
- 12Interface Instance 405
- Interface config commands 406
- Interface Config Commands 406
- How src-dst-mac mode works 421
- How src-dst-ip mode works 421
- 13Spanning tree-mst Instance 437
- Extended ACL config commands 454
- Permitting IP based traffic 467
- Permitting ICMP based traffic 468
- Configuring IP Extended ACL 471
- 15Standard ACL Instance 473
- {log} {rule-precedence 475
- <1-5000>} 475
- Standard ACL config commands 476
- 16Extended MAC ACL Instance 489
- Configuring MAC Extended ACL 507
- 17DHCP Server Instance 509
- TABLE 17 DHCP Config Commands 510
- Creating a DHCP User Class 513
- DHCP Config commands 537
- Creating network pool 540
- Creating a Host Pool 541
- network 192.168.0.0/24 542
- <type> 543
- Creating a DHCP Option 544
- 18DHCP Class Instance 545
- Creating a DHCP user class 552
- 19Radius Server Instance 557
- Radius configuration commands 558
- RADIUS Server Command Summary 558
- RFController# 566
- RFController(config)# 566
- (config-radsrv) mode 570
- Example–creating a group 573
- 20Wireless Instance 591
- Command Description Ref 592
- (config-wireless) instance 593
- Configuring a client 614
- • Enable NAC for a WLAN 615
- • Undo a configuration 615
- Converting an AP to sensor 619
- {<MAC>} 649
- {<ap-index>} 664
- {logout-on-browser-close} 684
- {auth-port <port>} 684
- {auth-port <port>} 684
- {acct-port 685
- <port>} 685
- {port <1-65535>} 685
- {limit <0-8192>} 685
- .d>&port=<x> 690
- 21RTLS Instance 707
- RTLS config commands 721
- 22ESPI Instance 731
- ESPI config commands 740
- 23RFID Instance 741
- RFID config commands 751
- 24SOLE Instance 755
- SOLE config commands 765
- 25Smart RF Instance 769
- Role config commands 819
- 27AAP IP Filtering 821
- AAP IP Filter config commands 825
Související produkty a manuály pro Hardware Brocade-communications-systems RFS6000
(16 stránky)Emerson Redes manuales de usuario
Empezando en E
Komentáře k této Příručce