The Abilis IP Tunnel is a virtual tunnel typically used for Data and Voice communications between Abilis.
To set up an Abilis IP Tunnel, first add an IP resource:
a res:ip-<id> subtype:<value>
id is simply the identification number and subtype is the kind of resource to be used. The following command shows supported subtypes.
[14:58:13] ABILIS_CPX_1:a res:ip-2 subtype: ?
Ip resource subtypes:
LAN IP over LAN
LAN-PT IP over LAN Passthrough
PPP IP over PPP
DSL IP over DSL
AIPT2 Abilis IP tunnel v.2
AIPT Abilis IP tunnel
AIPT-BCK Abilis IP tunnel with Back-up
VIRTUAL IP virtual
X25BSVC IP over X.25 Bsvc
The extended mode is used when both Abilis have a static IP address.
The following example considers two Abilis with a static public IP address each one.
Public IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
Public IP address of “Abilis 2” (ABILIS_CPX_2): 217.2.2.2
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
First, add a new resource on both Abilis:
[14:58:52] ABILIS_CPX_1:a res:ip-5 subtype:aipt
COMMAND EXECUTED [15:06:29] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.000.254) REMIP:#
[14:58:14] ABILIS_CPX_2:a res:ip-5 subtype:aipt
COMMAND EXECUTED [15:06:37] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.001.254) REMIP:#
The most important parameters to configure are:
DESCR
: description of the resource.
MODE
: operating mode.
LOCPORT
: UDP port number of the local
ABILIS (the port used for the data exchange).
REMPORT
: UDP port number of the remote
ABILIS.
LOCIP
: IP address of the local
ABILIS.
REMIP
: IP address of the remote
ABILIS.
NEIGH
: IP address of the neighbour router
(the other Abilis).
MASK
: mask of remote LAN.
NAT
: NAT usage.
CR
: Encryption/Decryption
activation.
LINK-FRAG
: link fragmentation.
LINK-FRAGSIZE
: maximum size of link frame
fragments in outbound packets, in inbound the AIPT accepts any
fragmentation.
Tip | |
---|---|
The above parameters must mirror each other (i.e. The value of
|
[15:17:46] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locip:217.1.1.1 remip:217.2.2.2
COMMAND EXECUTED [15:21:02] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.001.001.001 REMIP:217.002.002.002
[15:06:44] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locip:217.2.2.2 remip:217.1.1.1
COMMAND EXECUTED [15:22:37] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.002.002.002 REMIP:217.001.001.001
Tip | |
---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
Tip | |
---|---|
Activation of Link Check protocol is recommended ( |
Tip | |
---|---|
Encryption of data packets has been activated
( |
Tip | |
---|---|
Fragmentation has been activated
( |
[15:21:05] ABILIS_CPX_1:save conf
VALIDATION IN PROGRESS ... WARNING: RES:Iprtr Changed "LINKS:" from 1 to 2 WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [15:21:29] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.001.001.001 REMIP:217.002.002.002
[15:22:40] ABILIS_CPX_2:save conf
VALIDATION IN PROGRESS ... WARNING: RES:Iprtr Changed "LINKS:" from 1 to 2 WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [16:22:53] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.002.002.002 REMIP:217.001.001.001
Now the configuration of the VPN is completed.
This mode permits to configure a VPN between two Abilis when one of them hasn't a static public IP address or is placed behind a router doing NAT/PAT.
Example: Abilis has a static public IP address and the other one has a dynamic public IP address:
Public IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
Public IP address of “Abilis 2” (ABILIS_CPX_2): dynamic
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
“ABILIS 1” will be set as SERVER
;
“ABILIS_CPX_2” will be set as
CLIENT
.
First, add a new resource on both Abilis:
[14:58:52] ABILIS_CPX_1:a res:ip-5 subtype:aipt
COMMAND EXECUTED [15:06:29] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.000.254) REMIP:#
[14:58:14] ABILIS_CPX_2:a res:ip-5 subtype:aipt
COMMAND EXECUTED [15:06:37] ABILIS_CPX_2:d p ip-5
RRES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.001.254) REMIP:#
In SERVER
and CLIENT
modality, new parameters will appear:
[17:34:37] ABILIS_CPX_1:s p ip-5 mode:server
COMMAND EXECUTED [17:34:54] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:SERVER V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT CLI-ID:# OUT:AUTO LOCIP:R-ID (192.168.000.254) IP-FILTER:*
[17:34:45] ABILIS_CPX_2:s p ip-5 mode:client
COMMAND EXECUTED [17:35:13] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:CLIENT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT ID:R-ID (192.168.001.254) OUT:AUTO LOCIP:R-ID (192.168.001.254) REMIP:#
Configuration of both Abilis must mirror each other. The meaning of the “new” parameters:
ID
: on client side, is the identification
IP address sent by the client to the server.
CLI-ID
: on server side, is the client
identifier IP address. It can be also a “virtual
value”, but it must set at the same value of parameter
ID
on client side.
Tip | |
---|---|
|
Configure on “Abilis 1”the following parameters:
DESCR
: description of the resource.
LOCPORT
: UDP port number of the local
Abilis (the port used for the data exchange).
REMPORT
: UDP port number of the remote
Abilis.
LOCIP
: IP address of the local
Abilis.
CLI-ID
: client identifier IP
address.
NEIGH
: IP address of the neighbour router
(the other Abilis).
MASK
: mask of remote LAN.
NAT
: NAT usage.
LCR
: Encryption/Decryption
activation.
LiNK-FRAG
: link fragmentation.
LINK-FRAGSIZE
: maximum size of link frame
fragments in outbound packets, in inbound the AIPT accepts any
fragmentation.
Configure on “Abilis 2”the following parameters:
DESCR
: description of the resource.
LOCPORT
: UDP port number of the local
Abilis (the port used for the data exchange).
REMPORT
: UDP port number of the remote
Abilis.
LOCIP
: IP address of the local
Abilis.
REMIP
: IP address of the remote
ABILIS
ID
: identification IP address sent by the
client to the server
NEIGH
: IP address of the neighbour router
(the other Abilis).
MASK
: mask of remote LAN.
NAT
: NAT usage.
CR
: Encryption/Decryption
activation.
LINK-FRAG
: link fragmentation.
LINK-FRAGSIZE
: maximum size of link frame
fragments in outbound packets, in inbound the AIPT accepts any
fragmentation.
[17:35:00] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 cli-id:192.168.1.254 locip:217.1.1.1
COMMAND EXECUTED [17:54:30] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:SERVER V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT CLI-ID:192.168.001.254 OUT:AUTO LOCIP:217.001.001.001 IP-FILTER:*
[17:35:14] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 id:192.168.1.254 locip:out-ip remip:217.1.1.1
COMMAND EXECUTED [17:59:32] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:CLIENT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT ID:192.168.001.254 OUT:AUTO LOCIP:OUT-IP REMIP:217.001.001.001
Tip | |
---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
Tip | |
---|---|
Activation of Link Check protocol is recommended ( |
Tip | |
---|---|
Encryption of data packets has been activated
( |
Tip | |
---|---|
Fragmentation has been activated
( |
[17:58:29] ABILIS_CPX_1:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [18:04:10] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:SERVER V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT CLI-ID:192.168.001.254 OUT:AUTO LOCIP:217.001.001.001 IP-FILTER:*
[17:59:34] ABILIS_CPX_2:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [18:04:28] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:CLIENT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT ID:192.168.001.254 OUT:AUTO LOCIP:OUT-IP REMIP:217.001.001.001
Now the configuration of the VPN is completed.
In case of failure of the permanent VPN connection, the Abilis
tunnels may be instantaneously switched onto ISDN backup lines. The AIPT
subtype requested for this configuration is
AIPT-BCK
.
Example: two Abilis are placed in remote sides, each one has a with a static public IP address and a backup ISDN line:
Public IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
ISDN line connected to “Abilis 1” (ABILIS_CPX_1): 01234567
Public IP address of “Abilis 2” (ABILIS_CPX_2): 217.2.2.2
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
ISDN line connected to “Abilis 2” (ABILIS_CPX_2): 01765432
First, add a new resource on both Abilis.
[15:35:35] ABILIS_CPX_1:a res:ip-5 subtype:aipt-bck
COMMAND EXECUTED [15:36:01] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.000.254) REMIP:# - Back-Up -------------------------------------------------------------- BRTY:LIN BNRTY:0 BTB:3 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:# CGI:* CGO:# SDI:* SDO:# SGI:DISABLED SGO:#
[15:35:35] ABILIS_CPX_2:a res:ip-5 subtype:aipt-bck
COMMAND EXECUTED [15:36:08] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.001.254) REMIP:# - Back-Up -------------------------------------------------------------- BRTY:LIN BNRTY:0 BTB:3 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:# CGI:* CGO:# SDI:* SDO:# SGI:DISABLED SGO:#
IP configuration of both Abilis remains the same shown Section 47.3.1, “Abilis IP Tunnel over IP – Extended Mode”. Consideration about ISDN Back-up configuration are the same reported here.
To complete the configuration type the following commands:
[16:37:00] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locip:217.1.1.1 remip:217.2.2.2
COMMAND EXECUTED [16:38:33] ABILIS_CPX_1:s p ip-5 brty:us bnrty:30 btb:10 sgi:abilis1-abilis2 sgo:abilis2-abilis1 cdo:01765432
COMMAND EXECUTED [16:41:13] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.001.001.001 REMIP:217.002.002.002 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01765432 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS1-ABILIS2 SGO:ABILIS2-ABILIS1
[16:41:20] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locip:217.2.2.2 remip:217.1.1.1
COMMAND EXECUTED [16:40:04] ABILIS_CPX_2:s p ip-5 brty:us bnrty:30 btb:10 sgi:abilis2-abilis1 sgo:abilis1-abilis2 cdo:01234567
COMMAND EXECUTED [16:42:55] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.002.002.002 REMIP:217.001.001.001 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01234567 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS2-ABILIS1 SGO:ABILIS1-ABILIS2
Tip | |
---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
Tip | |
---|---|
Activation of Link Check protocol is recommended ( |
Tip | |
---|---|
Encryption of data packets has been activated
( |
Tip | |
---|---|
Fragmentation has been activated
( |
[16:49:19] ABILIS_CPX_1:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [16:49:22] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ---------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.001.001.001 REMIP:217.002.002.002 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01765432 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS1-ABILIS2 SGO:ABILIS2-ABILIS1
[16:49:27] ABILIS_CPX_2:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [16:49:29] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ---------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.002.002.002 REMIP:217.001.001.001 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01234567 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS2-ABILIS1 SGO:ABILIS1-ABILIS2
Now the configuration of the VPN is completed.
To increase the reliability of the VPN, it's possible to activate the ART (Abilis Redundant Tunneling) protocol, also named “Double Path”.
Tip | |
---|---|
If one path is slower, or slows down up to blockage, the other path stays unaffected. |
Warning | |
---|---|
When the double path is active the traffic is obviously duplicated: this could be very “dangerous” on pay per use lines! |
Example: there are two Abilis. Each one has two different Internet lines with static public IP addresses.
First IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Second IP address of “Abilis 1” (ABILIS_CPX_1): 80.80.80.80
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
First IP address of “Abilis 2” (ABILIS_CPX_2): 217.2.2.2
Second IP address of “Abilis 2” (ABILIS_CPX_2): 81.81.81.81
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
First, add a new resource on both Abilis:
[17:09:11] ABILIS_CPX_1:a res:ip-5 subtype:aipt
COMMAND EXECUTED [17:10:18] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.000.254) REMIP:#
[17:09:19] ABILIS_CPX_2:a res:ip-5 subtype:aipt
COMMAND EXECUTED [17:10:13] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.001.254) REMIP:#
Configuring MODE
:EXT
and
PATH
:DOUBLE
new parameters will
appear:
[17:18:28] ABILIS_CPX_1:s p ip-5 mode:ext path:double
COMMAND EXECUTED [17:18:35] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.000.254) REMIP:# OUT2:AUTO LOCIP2:R-ID (192.168.000.254) REMIP2:#
[17:10:16] ABILIS_CPX_2:s p ip-5 mode:ext path:double
COMMAND EXECUTED [17:18:40] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT:AUTO LOCIP:R-ID (192.168.001.254) REMIP:# OUT2:AUTO LOCIP2:R-ID (192.168.001.254) REMIP2:#
Tip | |
---|---|
The parameter |
New parameters are:
OUT2
: second output IP resource
(AUTO
will send the packets to the default
gateway specified inthe IP routing table; it's also possible to
specify the ID of the outgoing IP resource).
LOCIP2
: second IP address that the local
Abilis will use as “source address” for the path
2.
REMIP2
: second IP address of the remote
Abilis for the path 2
Configuration of other parameters of both Abilis must mirror each other; see Section 47.3.1, “Abilis IP Tunnel over IP – Extended Mode”.
[17:18:52] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locip:217.1.1.1 remip:217.2.2.2 locip2:80.80.80.80 remip2:81.81.81.81 out2:ip-3
COMMAND EXECUTED [17:33:17] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.001.001.001 REMIP:217.002.002.002 OUT2:Ip-3 GW2:# LOCIP2:080.080.080.080 REMIP2:081.081.081.081
[17:18:55] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locip:217.2.2.2 remip:217.1.1.1 locip2:81.81.81.81 remipa2:80.80.80.80 out2:ip-3
COMMAND EXECUTED [17:35:08] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.002.002.002 REMIP:217.001.001.001 OUT2:Ip-3 GW2:# LOCIP2:081.081.081.081 REMIP2:080.080.080.080
Tip | |
---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
Tip | |
---|---|
Activation of Link Check protocol is recommended ( |
Tip | |
---|---|
Encryption of data packets has been activated
( |
Tip | |
---|---|
Fragmentation has been activated
( |
[17:33:19] ABILIS_CPX_1:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [17:37:31] ABILIS_CPX_1:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.001.001.001 REMIP:217.002.002.002 OUT2:Ip-3 GW2:# LOCIP2:080.080.080.080 REMIP2:081.081.081.081
[17:35:10] ABILIS_CPX_2:save conf
VALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [17:44:27] ABILIS_CPX_2:d p ip-5
RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT V-OPT:NO D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT:AUTO LOCIP:217.002.002.002 REMIP:217.001.001.001 OUT2:Ip-3 GW2:# LOCIP2:081.081.081.081 REMIP2:080.080.080.080
Now the configuration of the VPN is completed.