Wired Intelligent Edge (Campus Switching and Routing)

How to configure default route to VPN 

Apr 07, 2015 04:57 PM

Starting with image 7.4.x.x, traffic can be pointed toward a VPN tunnel. A branch office Mobility Access Switch has a VPN tunnel that terminates on a firewall. Any non-corporate client traffic from the Mobility Access Switch is forwarded to the firewall through the VPN tunnel. This requires a default gateway route on the Mobility Access Switch that points to the VPN tunnel.

 

Environment: Remote Networking

A branch office Mobility Access Switch has a VPN tunnel toward the corporate network.

 

Configuring Default Route to VPN:

You can use the following command to configure the default route to a VPN tunnel:

(host) (config) #crypto-local ipsec-map <map-name> <map-number>
(host) (config-ipsec-map) #dst-net 0.0.0.0 0.0.0.0
 
Sample Configuration:

(host) (config) #crypto-local ipsec-map map-firewall 10
(host) (config-ipsec-map) # peer-ip 20.1.1.2
(host) (config-ipsec-map) # local-fqdn test.arubanetworks.com
(host) (config-ipsec-map) # interface vlan 2
(host) (config-ipsec-map) # src-net 4.1.1.0 255.255.255.255
(host) (config-ipsec-map) # dst-net 0.0.0.0 0.0.0.0
 
 
Verifying Default Route Configuration:

Use the following command to verify the default route to VPN configuration:
(host) #show ip route
Codes: C - connected
O - OSPF, O(IA) - OSPF inter area
O(E1) - OSPF external type 1, O(E2) - OSPF external type 2
O(N1) - OSPF NSSA type 1, O(N2) - OSPF NSSA type 2
M - mgmt, S - static, * - candidate default
D - DHCP
C 0.0.0.0 /0 [1] is an ipsec map: map-firewall
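
A check that can be run over captured `show ip route` output to confirm the default route points at the expected IPsec map rather than a static or DHCP next hop, which would send client traffic outside the tunnel. This is an added example, not part of the original article; the function name `check_default_route` and the format of the non-IPsec route line are assumptions.

```python
import re

# Constructed sample: abbreviated "show ip route" output as shown in this article.
SAMPLE_OK = """\
Codes: C - connected
O - OSPF, O(IA) - OSPF inter area
M - mgmt, S - static, * - candidate default
D - DHCP
C 0.0.0.0 /0 [1] is an ipsec map: map-firewall
"""

# Constructed sample: the static-route line format is an assumption, used only
# to show a default route that does not go through the tunnel.
SAMPLE_BYPASS = """\
M - mgmt, S - static, * - candidate default
S * 0.0.0.0 /0 [1] via 10.0.0.1
"""

# A route line starts with a route code, optionally "*", then 0.0.0.0 /0.
DEFAULT_RE = re.compile(r"^\s*[A-Z][A-Z0-9()]*\s*\*?\s+0\.0\.0\.0\s*/0\b(?P<rest>.*)$")
IPSEC_RE = re.compile(r"is an ipsec map:\s*(?P<name>\S+)")

def check_default_route(output, expected_map):
    """Return (ok, findings) for captured 'show ip route' text."""
    defaults = []
    for line in output.splitlines():
        m = DEFAULT_RE.match(line)
        if m:
            defaults.append((line.strip(), m.group("rest")))
    if not defaults:
        return False, ["no 0.0.0.0/0 route present"]
    findings = []
    for line, rest in defaults:
        ipsec = IPSEC_RE.search(rest)
        if ipsec is None:
            # Default route exists but leaves via something other than the tunnel.
            findings.append(f"default route does not use an ipsec map: {line}")
        elif ipsec.group("name") != expected_map:
            findings.append(f"default route uses unexpected map: {ipsec.group('name')}")
    return (not findings), findings

if __name__ == "__main__":
    for name, text in (("ok", SAMPLE_OK), ("bypass", SAMPLE_BYPASS)):
        print(name, check_default_route(text, "map-firewall"))
```
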
