f35c64f269d6068db0fdf2b19e07ddfdc7de2a4d
howto/Edgeos-Config-Example-number-2.md
| ... | ... | @@ -1,4 +1,4 @@ |
| 1 | -## EdgeRouterPro-8 DN42 config example with v1.9.0 |
|
| 1 | +# EdgeRouterPro-8 DN42 config example with v1.9.0 |
|
| 2 | 2 | |
| 3 | 3 | After a lot of searching and trying I [Phil/ALS7] finnaly got a working config |
| 4 | 4 | |
| ... | ... | @@ -15,20 +15,26 @@ After a lot of searching and trying I [Phil/ALS7] finnaly got a working config |
| 15 | 15 | |
| 16 | 16 | The data i used are the following: |
| 17 | 17 | |
| 18 | -Own ASN: AS4242422684 |
|
| 19 | -Own IPv4: 172.20.4.64/27 |
|
| 20 | -Own IPv6: fd33:ac1d:d1ce::/48 |
|
| 18 | +Own ASN: AS111111 |
|
| 19 | +Own IPv4: 172.AA.AA.64/27 |
|
| 20 | +Own IPv6: fdBB:BBBB:CCCC::/48 |
|
| 21 | + |
|
| 22 | +Peer ASN: AS222222 |
|
| 23 | +Peer Remote Address: X.X.X.X |
|
| 24 | +Peer Remote Host: X.X.X.Y |
|
| 25 | +Peer Port: 1194 |
|
| 21 | 26 | |
| 22 | 27 | 2) get a peer --> ask nice @irc |
| 23 | 28 | |
| 24 | -3) You need following data |
|
| 29 | +3) You need following data from the peer |
|
| 25 | 30 | |
| 26 | 31 | --tunnel options, secret key |
| 27 | ---ASN from the peer (in this example i use remote-as XXXXX) |
|
| 28 | ---ip's |
|
| 32 | +--ASN from the peer |
|
| 33 | +--ip's |
|
| 29 | 34 | |
| 30 | 35 | ... |
| 31 | 36 | |
| 37 | +###Create IPv4 OpenVPM Interface |
|
| 32 | 38 | |
| 33 | 39 | start a ssh session to your router |
| 34 | 40 | |
| ... | ... | @@ -37,18 +43,31 @@ copy vpn key to /config/auth/giveITaName -- Create folder if needed |
| 37 | 43 | configure |
| 38 | 44 | set interface openssh vtun0 |
| 39 | 45 | set interfaces openvpn vtun0 mode site-to-site |
| 40 | -set interfaces openvpn vtun0 local-port 1194 //you get the port from your peer |
|
| 41 | -set interfaces openvpn vtun0 remote-port 1194 //you get the port from your peer |
|
| 42 | -set interfaces openvpn vtun0 local-address 172.20.4.64 //your ip |
|
| 43 | -set interfaces openvpn vtun0 remote-address X.X.X.X //from your peer |
|
| 44 | -set interfaces openvpn vtun0 remote-host X.X.X.Y //from your peer |
|
| 45 | -set interfaces openvpn vtun0 shared-secret-key-file /config/auth/giveITaName // your keyfile |
|
| 46 | +set interfaces openvpn vtun0 local-port 1194 |
|
| 47 | +set interfaces openvpn vtun0 remote-port 1194 |
|
| 48 | +set interfaces openvpn vtun0 local-address 172.AA.AA.64 |
|
| 49 | +set interfaces openvpn vtun0 remote-address X.X.X.X |
|
| 50 | +set interfaces openvpn vtun0 remote-host X.X.X.Y |
|
| 51 | +set interfaces openvpn vtun0 shared-secret-key-file /config/auth/giveITaName |
|
| 52 | + |
|
| 46 | 53 | set interfaces openvpn vtun0 openvpn-option "--comp-lzo" //if your peer support compression |
| 47 | 54 | commit |
| 48 | 55 | save |
| 56 | +exit |
|
| 49 | 57 | |
| 50 | 58 | Now the ipv4 tunnel should be up&running |
| 51 | 59 | |
| 60 | +Check it with: |
|
| 61 | + |
|
| 62 | +show interfaces openvpn |
|
| 63 | +show interfaces openvpn detail |
|
| 64 | +show openvpn status site-to-site |
|
| 65 | + |
|
| 66 | +### Create IPv4 BGP Session |
|
| 67 | + |
|
| 68 | +configure |
|
| 69 | + |
|
| 70 | + |
|
| 52 | 71 | |
| 53 | 72 | |
| 54 | 73 |