Defining the IPsec tunnel on WEST
Defining the IPsec tunnel from WEST to EAST creates the IPsec tunnel from WEST to EAST.
- WEST uses IP address 192.0.2.1 on dp0p1p2.
- EAST uses IP address 192.0.2.33 on dp0p1p1.
- The IKE group is IKE-1W.
- The preshared secret is “test_key_1”.
- All GRE traffic will be passed through the tunnel.
This examples assumes that you have already configured the following:
- IKE group IKE-1W (see Configure an IKE group on WEST)
- ESP group ESP-1W (see Configure an ESP group on WEST)
To create the IPsec tunnel from WEST to EAST, perform the following steps on WEST in configuration mode.
Define the site-to-site connection to EAST. Set the authentication mode.
Navigate to the node for the peer for easier editing.
Provide the string that will be used to authenticate the peers.
Specify the default ESP group for all tunnels.
Specify the IKE group.
Identify the IP address on this vRouter to be used for this connection.
Specify that only GRE traffic will pass through the tunnel.
Return to the top of the configuration hierarchy.
Commit the configuration.
View the modified configuration.