Abilis Ip Tunnel is a virtual tunnel typically used for Data and Voice communications between Abilis.
To setup an Abilis IP Tunnel, first add an IP resource:
a res:ip-<id> subtype:<value>
id is simply the identification number and subtype is the kind of resource to be used. The following command shows supported subtypes.
[14:58:13] ABILIS_CPX_1:a res:ip-2 subtype: ?
Ip resource subtypes:
X25PVC IP over X.25 Pvc
X25BSVC IP over X.25 Bsvc
LAN IP over LAN
DL IP over Dedicated Line
DL-BCK IP over Dedicated Line with Abilis Back-up
BCH IP over B-Channel
ML IP over Multi-Links
AIPT IP over IP (Abilis tunnel)
AIPT-BCK IP over IP (Abilis tunnel) with Abilis Back-up
PPP IP over PPP
VIRTUAL IP virtual
The extended mode is used when both Abilis have a static IP address.
The following example considers two Abilis with a static public IP address each one.
Public IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
Public IP address of “Abilis 2” (ABILIS_CPX_2): 217.2.2.2
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
First, add a new resource on both Abilis:
[14:58:52] ABILIS_CPX_1:a res:ip-5 subtype:aipt
COMMAND EXECUTED [15:06:29] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:STD D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:#
[14:58:14] ABILIS_CPX_2:a res:ip-5 subtype:aipt
COMMAND EXECUTED [15:06:37] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:STD D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:#
The most important parameters to configure are:
DESCR
: description of the resource.
MODE
: operating mode.
LOCPORT
: UDP port number of the local
ABILIS (port used for the data exchange).
REMPORT
: UDP port number of the remote
ABILIS.
LOCIPADD
: IP address of the local
ABILIS.
REMIPADD
: IP address of the remote
ABILIS.
NEIGH
: IP address of the neighbour router
(the other Abilis).
MASK
: mask of remote LAN.
NAT
: NAT usage.
LCR
: Encryption/Decryption
activation.
FRAG
: link fragmentation.
FRAGSIZE
: maximum size of link frames
fragments.
Tip | |
---|---|
The above parameters must mirror each other (i.e. the value of
|
[15:17:46] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside frag:aipt fragsize:1400 lcr:data mode:ext remport:2105 locipadd:217.1.1.1 remipadd:217.2.2.2
COMMAND EXECUTED [15:21:02] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002
[15:06:44] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside frag:aipt fragsize:1400 lcr:data mode:ext remport:2105 locipadd:217.2.2.2 remipadd:217.1.1.1
COMMAND EXECUTED [15:22:37] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001
Tip | |
---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
Tip | |
---|---|
Activation of Link Check protocol is recommended ( |
Tip | |
---|---|
Encryption of data packets has been activated
( |
Tip | |
---|---|
Fragmentation has been activated
( |
[15:21:05] ABILIS_CPX_1:save conf
VALIDATION IN PROGRESS ... WARNING: RES:Iprtr Changed "LINKS:" from 1 to 2 WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [15:21:29] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002
[15:22:40] ABILIS_CPX_2:save conf
VALIDATION IN PROGRESS ... WARNING: RES:Iprtr Changed "LINKS:" from 1 to 2 WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [16:22:53] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001
Now the configuration of the VPN is completed.
This mode permits to configure a VPN between two Abilis when one of them hasn't a static public IP address or is placed behind a router doing NAT/PAT.
Example: Abilis has a static public IP address and the other one has a dynamic public IP address:
Public IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
Public IP address of “Abilis 2” (ABILIS_CPX_2): dynamic
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
“ABILIS 1” will be set as
EXT-SERVER
; “ABILIS_CPX_2” will be set
as EXT-CLIENT
.
First, add a new resource on both Abilis:
[14:58:52] ABILIS_CPX_1:a res:ip-5 subtype:aipt
COMMAND EXECUTED [15:06:29] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:STD D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:#
[14:58:14] ABILIS_CPX_2:a res:ip-5 subtype:aipt
COMMAND EXECUTED [15:06:37] ABILIS_CPX_2:d p ip-5
RRES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:STD D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:#
In EXT-SERVER
and EXT-CLIENT
modality, new parameters will appear:
[17:34:37] ABILIS_CPX_1:s p ip-5 mode:ext-server
COMMAND EXECUTED [17:34:54] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT-SERVER D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT CLI-ID:# OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) IP-FILTER:*
[17:34:45] ABILIS_CPX_2:s p ip-5 mode:ext-client
COMMAND EXECUTED [17:35:13] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT-CLIENT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT ID:R-ID (192.168.001.254) OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:#
Configuration of both Abilis must mirror each other. This the meaning of the “new” parameters:
ID
: on client side, is the identification
IP address sent by the client to the server.
CLI-ID
: on server side, is the client
identifier IP address. It can be also a “virtual
value”, but it must set at the same value of parameter
ID
on client side.
Tip | |
---|---|
|
Configure on “Abilis 1”the following parameters:
DESCR
: description of the resource.
LOCPORT
: UDP port number of the local
Abilis (port used for the data exchange).
REMPORT
: UDP port number of the remote
Abilis.
LOCIPADD
: IP address of the local
Abilis.
CLI-ID
: client identifier IP
address.
NEIGH
: IP address of the neighbour router
(the other Abilis).
MASK
: mask of remote LAN.
NAT
: NAT usage.
LCR
: Encryption/Decryption
activation.
FRAG
: link fragmentation.
FRAGSIZE
: maximum size of link frames
fragments.
Configure on “Abilis 2”the following parameters:
DESCR
: description of the resource.
LOCPORT
: UDP port number of the local
Abilis (port used for the data exchange).
REMPORT
: UDP port number of the remote
Abilis.
LOCIPADD
: IP address of the local
Abilis.
REMIPADD
: IP address of the remote
ABILIS
ID
: identification IP address sent by the
client to the server
NEIGH
: IP address of the neighbour router
(the other Abilis).
MASK
: mask of remote LAN.
NAT
: NAT usage.
LCR
: Encryption/Decryption
activation.
FRAG
: link fragmentation.
FRAGSIZE
: maximum size of link frames
fragments.
[17:35:00] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside frag:aipt fragsize:1400 lcr:data remport:2105 cli-id:192.168.1.254 locipadd:217.1.1.1
COMMAND EXECUTED [17:54:30] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT-SERVER D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT CLI-ID:192.168.001.254 OUT-IP:AUTO LOCIPADD:217.001.001.001 IP-FILTER:*
[17:35:14] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside frag:aipt fragsize:1400 lcr:data remport:2105 id:192.168.1.254 locipadd:out-ip remipadd:217.1.1.1
COMMAND EXECUTED [17:59:32] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT-CLIENT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT ID:192.168.001.254 OUT-IP:AUTO LOCIPADD:OUT-IP REMIPADD:217.001.001.001
Tip | |
---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
Tip | |
---|---|
Activation of Link Check protocol is recommended ( |
Tip | |
---|---|
Encryption of data packets has been activated
( |
Tip | |
---|---|
Fragmentation has been activated
( |
[17:58:29] ABILIS_CPX_1:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [18:04:10] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT-SERVER D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT CLI-ID:192.168.001.254 OUT-IP:AUTO LOCIPADD:217.001.001.001 IP-FILTER:*
[17:59:34] ABILIS_CPX_2:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [18:04:28] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT-CLIENT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT ID:192.168.001.254 OUT-IP:AUTO LOCIPADD:OUT-IP REMIPADD:217.001.001.001
Now the configuration of the VPN is completed.
In case of failure of the permanent VPN connection, the Abilis
tunnels may be instantaneously switched onto ISDN backup lines. The AIPT
subtype requested for this configuration is
AIPT-BCK
.
Example: two Abilis are placed in remote sides, each one has a with a static public IP address and a backup ISDN line:
Public IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
ISDN line connected to “Abilis 1” (ABILIS_CPX_1): 01234567
Public IP address of “Abilis 2” (ABILIS_CPX_2): 217.2.2.2
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
ISDN line connected to “Abilis 2” (ABILIS_CPX_2): 01765432
First, add a new resource on both Abilis.
[15:35:35] ABILIS_CPX_1:a res:ip-5 subtype:aipt-bck
COMMAND EXECUTED [15:36:01] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:STD D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:# - Back-Up -------------------------------------------------------------- BRTY:LIN BNRTY:0 BTB:3 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:# CGI:* CGO:# SDI:* SDO:# SGI:DISABLED SGO:#
[15:35:35] ABILIS_CPX_2:a res:ip-5 subtype:aipt-bck
COMMAND EXECUTED [15:36:08] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:STD D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:# - Back-Up -------------------------------------------------------------- BRTY:LIN BNRTY:0 BTB:3 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:# CGI:* CGO:# SDI:* SDO:# SGI:DISABLED SGO:#
IP configuration of both Abilis remains the same shown Section 38.3.1, “Abilis IP Tunnel over IP – Extended Mode”. Consideration about ISDN Back-up configuration are the same reported here.
To complete the configuration type the following commands:
[16:37:00] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside frag:aipt fragsize:1400 lcr:data mode:ext remport:2105 locipadd:217.1.1.1 remipadd:217.2.2.2
COMMAND EXECUTED [16:38:33] ABILIS_CPX_1:s p ip-5 brty:us bnrty:30 btb:10 sgi:abilis1-abilis2 sgo:abilis2-abilis1 cdo:01765432
COMMAND EXECUTED [16:41:13] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01765432 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS1-ABILIS2 SGO:ABILIS2-ABILIS1
[16:41:20] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside frag:aipt fragsize:1400 lcr:data mode:ext remport:2105 locipadd:217.2.2.2 remipadd:217.1.1.1
COMMAND EXECUTED [16:40:04] ABILIS_CPX_2:s p ip-5 brty:us bnrty:30 btb:10 sgi:abilis2-abilis1 sgo:abilis1-abilis2 cdo:01234567
COMMAND EXECUTED [16:42:55] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01234567 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS2-ABILIS1 SGO:ABILIS1-ABILIS2
Tip | |
---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
Tip | |
---|---|
Activation of Link Check protocol is recommended ( |
Tip | |
---|---|
Encryption of data packets has been activated
( |
Tip | |
---|---|
Fragmentation has been activated
( |
[16:49:19] ABILIS_CPX_1:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [16:49:22] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ---------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01765432 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS1-ABILIS2 SGO:ABILIS2-ABILIS1
[16:49:27] ABILIS_CPX_2:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [16:49:29] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ---------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01234567 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS2-ABILIS1 SGO:ABILIS1-ABILIS2
Now the configuration of the VPN is completed.
To increase the reliability of the VPN, it is possible to activate the ART (Abilis Redundant Tunneling) protocol, also named “Double Path”.
Tip | |
---|---|
It is avdisable to use ART ONLY with lines with the same speed. In fact, if ART is used with lines with different speed, packets are sent with a maximum speed equal to that one of the slower line. Moreover, if a line is saturated, the entire Tunnel doesn't work properly! |
Warning | |
---|---|
When double path is active the traffic is obviously duplicated: this could be very “dangerous” on pay per use lines! |
Example: there are two Abilis. Each one has two different Internet lines with static public IP addresses.
First IP address of “Abilis 1” (ABILIS_CPX_1) : 217.1.1.1
Second IP address of “Abilis 1” (ABILIS_CPX_1): 80.80.80.80
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
First IP address of “Abilis 2” (ABILIS_CPX_2): 217.2.2.2
Second IP address of “Abilis 2” (ABILIS_CPX_2): 81.81.81.81
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
First, add a new resource on both Abilis:
[17:09:11] ABILIS_CPX_1:a res:ip-5 subtype:aipt
COMMAND EXECUTED [17:10:18] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:STD D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:#
[17:09:19] ABILIS_CPX_2:a res:ip-5 subtype:aipt
COMMAND EXECUTED [17:10:13] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:STD D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:#
Configuring MODE
:EXT
and
PATH
:DOUBLE
new parameters will
appear:
[17:18:28] ABILIS_CPX_1:s p ip-5 mode:ext path:double
COMMAND EXECUTED [17:18:35] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:# OUT-IP2:AUTO LOCIPADD2:R-ID (192.168.000.254) REMIPADD2:#
[17:10:16] ABILIS_CPX_2:s p ip-5 mode:ext path:double
COMMAND EXECUTED [17:18:40] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:NO IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:# OUT-IP2:AUTO LOCIPADD2:R-ID (192.168.001.254) REMIPADD2:#
Tip | |
---|---|
The parameter |
New parameters are:
OUT-IP2
: second output IP resource
(AUTO
will send the packets to the default
gateway specified in IP routing table; it's also possible to specify
the ID of the outgoing IP resource).
LOCIPADD2
: second IP address that the local
Abilis will use as “source address” for the path
2.
REMIPADD2
: second IP address of the remote
Abilis for the path 2
Configuration of other parameters of both Abilis must mirror each other; see Section 38.3.1, “Abilis IP Tunnel over IP – Extended Mode”.
[17:18:52] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside frag:aipt fragsize:1400 lcr:data remport:2105 locipadd:217.1.1.1 remipadd:217.2.2.2 locipadd2:80.80.80.80 remipadd2:81.81.81.81 out-ip2:3
COMMAND EXECUTED [17:33:17] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002 OUT-IP2:3 GW2:# LOCIPADD2:080.080.080.080 REMIPADD2:081.081.081.081
[17:18:55] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside frag:aipt fragsize:1400 lcr:data remport:2105 locipadd:217.2.2.2 remipadd:217.1.1.1 locipadd2:81.81.81.81 remipadd2:80.80.80.80 out-ip2:3
COMMAND EXECUTED [17:35:08] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:aipt FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001 OUT-IP2:3 GW2:# LOCIPADD2:081.081.081.081 REMIPADD2:080.080.080.080
Tip | |
---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
Tip | |
---|---|
Activation of Link Check protocol is recommended ( |
Tip | |
---|---|
Encryption of data packets has been activated
( |
Tip | |
---|---|
Fragmentation has been activated
( |
[17:33:19] ABILIS_CPX_1:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [17:37:31] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002 OUT-IP2:3 GW2:# LOCIPADD2:080.080.080.080 REMIPADD2:081.081.081.081
[17:35:10] ABILIS_CPX_2:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [17:44:27] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL FRAG:AIPT FRAGSIZE:1400 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:DATA LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001 OUT-IP2:3 GW2:# LOCIPADD2:081.081.081.081 REMIPADD2:080.080.080.080
Now the configuration of the VPN is completed.