| 45.3. Configuring Abilis IP Tunnels (AIPT) | ||
|---|---|---|
 | Chapter 45. Tunneling proprietary protocols |  |
| 45.3. Configuring Abilis IP Tunnels (AIPT) | ||
|---|---|---|
| | Chapter 45. Tunneling proprietary protocols | |
The Abilis IP Tunnel is a virtual tunnel typically used for Data and Voice communications between Abilis.
To set up an Abilis IP Tunnel, first add an IP resource:
a res:ip-<id> subtype:<value>
id is simply the identification number and subtype is the kind of resource to be used. The following command shows supported subtypes.
[14:58:13] ABILIS_CPX_1:a res:ip-2 subtype: ?
Ip resource subtypes:
LAN IP over LAN
LAN-PT IP over LAN Passthrough
PPP IP over PPP
DSL IP over DSL
AIPT2 Abilis IP tunnel v.2
AIPT Abilis IP tunnel
AIPT-BCK Abilis IP tunnel with Back-up
VIRTUAL IP virtual
X25BSVC IP over X.25 BsvcThe extended mode is used when both Abilis have a static IP address.
The following example considers two Abilis with a static public IP address each one.
Public IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
Public IP address of “Abilis 2” (ABILIS_CPX_2): 217.2.2.2
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
First, add a new resource on both Abilis:
[14:58:52] ABILIS_CPX_1:a res:ip-5 subtype:aiptCOMMAND EXECUTED [15:06:29] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:#
[14:58:14] ABILIS_CPX_2:a res:ip-5 subtype:aiptCOMMAND EXECUTED [15:06:37] ABILIS_CPX_2:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:#
The most important parameters to configure are:
DESCR: description of the resource.
MODE: operating mode.
LOCPORT: UDP port number of the local
ABILIS (the port used for the data exchange).
REMPORT: UDP port number of the remote
ABILIS.
LOCIPADD: IP address of the local
ABILIS.
REMIPADD: IP address of the remote
ABILIS.
NEIGH: IP address of the neighbour router
(the other Abilis).
MASK: mask of remote LAN.
NAT: NAT usage.
CR: Encryption/Decryption
activation.
LINK-FRAG: link fragmentation.
LINK-FRAGSIZE: maximum size of link frame
fragments in outbound packets, in inbound the AIPT accepts any
fragmentation.
![[Tip]](../images/tip.png) | Tip |
|---|---|
The above parameters must mirror each other (i.e. The value of
|
[15:17:46] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locipadd:217.1.1.1 remipadd:217.2.2.2COMMAND EXECUTED [15:21:02] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002
[15:06:44] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locipadd:217.2.2.2 remipadd:217.1.1.1COMMAND EXECUTED [15:22:37] ABILIS_CPX_2:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001
| Tip |
|---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
| Tip |
|---|---|
Activation of Link Check protocol is recommended ( |
| Tip |
|---|---|
Encryption of data packets has been activated
( |
| Tip |
|---|---|
Fragmentation has been activated
( |
[15:21:05] ABILIS_CPX_1:save confVALIDATION IN PROGRESS ... WARNING: RES:Iprtr Changed "LINKS:" from 1 to 2 WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [15:21:29] ABILIS_CPX_1:d p ip-5RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002
[15:22:40] ABILIS_CPX_2:save confVALIDATION IN PROGRESS ... WARNING: RES:Iprtr Changed "LINKS:" from 1 to 2 WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [16:22:53] ABILIS_CPX_2:d p ip-5RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001
Now the configuration of the VPN is completed.
This mode permits to configure a VPN between two Abilis when one of them hasn't a static public IP address or is placed behind a router doing NAT/PAT.
Example: Abilis has a static public IP address and the other one has a dynamic public IP address:
Public IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
Public IP address of “Abilis 2” (ABILIS_CPX_2): dynamic
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
“ABILIS 1” will be set as
EXT-SERVER; “ABILIS_CPX_2” will be set
as EXT-CLIENT.
First, add a new resource on both Abilis:
[14:58:52] ABILIS_CPX_1:a res:ip-5 subtype:aiptCOMMAND EXECUTED [15:06:29] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:#
[14:58:14] ABILIS_CPX_2:a res:ip-5 subtype:aiptCOMMAND EXECUTED [15:06:37] ABILIS_CPX_2:d p ip-5RRES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:#
In EXT-SERVER and EXT-CLIENT
modality, new parameters will appear:
[17:34:37] ABILIS_CPX_1:s p ip-5 mode:ext-serverCOMMAND EXECUTED [17:34:54] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT-SERVER D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT CLI-ID:# OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) IP-FILTER:*
[17:34:45] ABILIS_CPX_2:s p ip-5 mode:ext-clientCOMMAND EXECUTED [17:35:13] ABILIS_CPX_2:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT-CLIENT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT ID:R-ID (192.168.001.254) OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:#
Configuration of both Abilis must mirror each other. The meaning of the “new” parameters:
ID: on client side, is the identification
IP address sent by the client to the server.
CLI-ID: on server side, is the client
identifier IP address. It can be also a “virtual
value”, but it must set at the same value of parameter
ID on client side.
| Tip |
|---|---|
|
Configure on “Abilis 1”the following parameters:
DESCR: description of the resource.
LOCPORT: UDP port number of the local
Abilis (the port used for the data exchange).
REMPORT: UDP port number of the remote
Abilis.
LOCIPADD: IP address of the local
Abilis.
CLI-ID: client identifier IP
address.
NEIGH: IP address of the neighbour router
(the other Abilis).
MASK: mask of remote LAN.
NAT: NAT usage.
LCR: Encryption/Decryption
activation.
LiNK-FRAG: link fragmentation.
LINK-FRAGSIZE: maximum size of link frame
fragments in outbound packets, in inbound the AIPT accepts any
fragmentation.
Configure on “Abilis 2”the following parameters:
DESCR: description of the resource.
LOCPORT: UDP port number of the local
Abilis (the port used for the data exchange).
REMPORT: UDP port number of the remote
Abilis.
LOCIPADD: IP address of the local
Abilis.
REMIPADD: IP address of the remote
ABILIS
ID: identification IP address sent by the
client to the server
NEIGH: IP address of the neighbour router
(the other Abilis).
MASK: mask of remote LAN.
NAT: NAT usage.
CR: Encryption/Decryption
activation.
LINK-FRAG: link fragmentation.
LINK-FRAGSIZE: maximum size of link frame
fragments in outbound packets, in inbound the AIPT accepts any
fragmentation.
[17:35:00] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 cli-id:192.168.1.254 locipadd:217.1.1.1COMMAND EXECUTED [17:54:30] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT-SERVER D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT CLI-ID:192.168.001.254 OUT-IP:AUTO LOCIPADD:217.001.001.001 IP-FILTER:*
[17:35:14] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 id:192.168.1.254 locipadd:out-ip remipadd:217.1.1.1COMMAND EXECUTED [17:59:32] ABILIS_CPX_2:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT-CLIENT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT ID:192.168.001.254 OUT-IP:AUTO LOCIPADD:OUT-IP REMIPADD:217.001.001.001
| Tip |
|---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
| Tip |
|---|---|
Activation of Link Check protocol is recommended ( |
| Tip |
|---|---|
Encryption of data packets has been activated
( |
| Tip |
|---|---|
Fragmentation has been activated
( |
[17:58:29] ABILIS_CPX_1:save confVALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [18:04:10] ABILIS_CPX_1:d p ip-5RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT-SERVER D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT CLI-ID:192.168.001.254 OUT-IP:AUTO LOCIPADD:217.001.001.001 IP-FILTER:*
[17:59:34] ABILIS_CPX_2:save confVALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [18:04:28] ABILIS_CPX_2:d p ip-5RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT-CLIENT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT ID:192.168.001.254 OUT-IP:AUTO LOCIPADD:OUT-IP REMIPADD:217.001.001.001
Now the configuration of the VPN is completed.
In case of failure of the permanent VPN connection, the Abilis
tunnels may be instantaneously switched onto ISDN backup lines. The AIPT
subtype requested for this configuration is
AIPT-BCK.
Example: two Abilis are placed in remote sides, each one has a with a static public IP address and a backup ISDN line:
Public IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
ISDN line connected to “Abilis 1” (ABILIS_CPX_1): 01234567
Public IP address of “Abilis 2” (ABILIS_CPX_2): 217.2.2.2
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
ISDN line connected to “Abilis 2” (ABILIS_CPX_2): 01765432
First, add a new resource on both Abilis.
[15:35:35] ABILIS_CPX_1:a res:ip-5 subtype:aipt-bckCOMMAND EXECUTED [15:36:01] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:# - Back-Up -------------------------------------------------------------- BRTY:LIN BNRTY:0 BTB:3 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:# CGI:* CGO:# SDI:* SDO:# SGI:DISABLED SGO:#
[15:35:35] ABILIS_CPX_2:a res:ip-5 subtype:aipt-bckCOMMAND EXECUTED [15:36:08] ABILIS_CPX_2:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:# - Back-Up -------------------------------------------------------------- BRTY:LIN BNRTY:0 BTB:3 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:# CGI:* CGO:# SDI:* SDO:# SGI:DISABLED SGO:#
IP configuration of both Abilis remains the same shown Section 45.3.1, “Abilis IP Tunnel over IP – Extended Mode”. Consideration about ISDN Back-up configuration are the same reported here.
To complete the configuration type the following commands:
[16:37:00] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locipadd:217.1.1.1 remipadd:217.2.2.2COMMAND EXECUTED [16:38:33] ABILIS_CPX_1:s p ip-5 brty:us bnrty:30 btb:10 sgi:abilis1-abilis2 sgo:abilis2-abilis1 cdo:01765432COMMAND EXECUTED [16:41:13] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ TLOG:NO MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 D-TOUT:1000 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01765432 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS1-ABILIS2 SGO:ABILIS2-ABILIS1
[16:41:20] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locipadd:217.2.2.2 remipadd:217.1.1.1COMMAND EXECUTED [16:40:04] ABILIS_CPX_2:s p ip-5 brty:us bnrty:30 btb:10 sgi:abilis2-abilis1 sgo:abilis1-abilis2 cdo:01234567COMMAND EXECUTED [16:42:55] ABILIS_CPX_2:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01234567 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS2-ABILIS1 SGO:ABILIS1-ABILIS2
| Tip |
|---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
| Tip |
|---|---|
Activation of Link Check protocol is recommended ( |
| Tip |
|---|---|
Encryption of data packets has been activated
( |
| Tip |
|---|---|
Fragmentation has been activated
( |
[16:49:19] ABILIS_CPX_1:save confVALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [16:49:22] ABILIS_CPX_1:d p ip-5RES:Ip-5 - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ---------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01765432 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS1-ABILIS2 SGO:ABILIS2-ABILIS1
[16:49:27] ABILIS_CPX_2:save confVALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [16:49:29] ABILIS_CPX_2:d p ip-5RES:Ip-5 - IP over IP (Abilis tunnel) with Abilis Back-up (AIPT-BCK) ---------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL BCKRES:CtiSLink LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001 - Back-Up -------------------------------------------------------------- BRTY:US BNRTY:30 BTB:10 BAC:DOD DDT:220 VDT:10 UDT:NOMAX CDI:* CDO:01234567 CGI:* CGO:# SDI:* SDO:# SGI:ABILIS2-ABILIS1 SGO:ABILIS1-ABILIS2
Now the configuration of the VPN is completed.
To increase the reliability of the VPN, it's possible to activate the ART (Abilis Redundant Tunneling) protocol, also named “Double Path”.
| Tip |
|---|---|
If one path is slower, or slows down up to blockage, the other path stays unaffected. |
![[Warning]](../images/warning.png) | Warning |
|---|---|
When the double path is active the traffic is obviously duplicated: this could be very “dangerous” on pay per use lines! |
Example: there are two Abilis. Each one has two different Internet lines with static public IP addresses.
First IP address of “Abilis 1” (ABILIS_CPX_1): 217.1.1.1
Second IP address of “Abilis 1” (ABILIS_CPX_1): 80.80.80.80
Private IP address of “Abilis 1” (ABILIS_CPX_1): 192.168.0.254/24
First IP address of “Abilis 2” (ABILIS_CPX_2): 217.2.2.2
Second IP address of “Abilis 2” (ABILIS_CPX_2): 81.81.81.81
Private IP address of “Abilis 2” (ABILIS_CPX_2): 192.168.1.254/24
First, add a new resource on both Abilis:
[17:09:11] ABILIS_CPX_1:a res:ip-5 subtype:aiptCOMMAND EXECUTED [17:10:18] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:#
[17:09:19] ABILIS_CPX_2:a res:ip-5 subtype:aiptCOMMAND EXECUTED [17:10:13] ABILIS_CPX_2:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:SINGLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:#
Configuring MODE:EXT and
PATH:DOUBLE new parameters will
appear:
[17:18:28] ABILIS_CPX_1:s p ip-5 mode:ext path:doubleCOMMAND EXECUTED [17:18:35] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.000.254) REMIPADD:# OUT-IP2:AUTO LOCIPADD2:R-ID (192.168.000.254) REMIPADD2:#
[17:10:16] ABILIS_CPX_2:s p ip-5 mode:ext path:doubleCOMMAND EXECUTED [17:18:40] ABILIS_CPX_2:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR: OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.255 NEIGH:000.000.000.000 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2100 CR:NO CRKEY:DFT OUT-IP:AUTO LOCIPADD:R-ID (192.168.001.254) REMIPADD:# OUT-IP2:AUTO LOCIPADD2:R-ID (192.168.001.254) REMIPADD2:#
| Tip |
|---|---|
The parameter |
New parameters are:
OUT-IP2: second output IP resource
(AUTO will send the packets to the default
gateway specified inthe IP routing table; it's also possible to
specify the ID of the outgoing IP resource).
LOCIPADD2: second IP address that the local
Abilis will use as “source address” for the path
2.
REMIPADD2: second IP address of the remote
Abilis for the path 2
Configuration of other parameters of both Abilis must mirror each other; see Section 45.3.1, “Abilis IP Tunnel over IP – Extended Mode”.
[17:18:52] ABILIS_CPX_1:s p ip-5 descr:To_Abilis_2 neigh:192.168.1.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locipadd:217.1.1.1 remipadd:217.2.2.2 locipadd2:80.80.80.80 remipadd2:81.81.81.81 out-ip2:3COMMAND EXECUTED [17:33:17] ABILIS_CPX_1:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002 OUT-IP2:3 GW2:# LOCIPADD2:080.080.080.080 REMIPADD2:081.081.081.081
[17:18:55] ABILIS_CPX_2:s p ip-5 descr:To_Abilis_1 neigh:192.168.0.254 mask:255.255.255.0 nat:inside cr:yes remport:2105 locipadd:217.2.2.2 remipadd:217.1.1.1 locipadd2:81.81.81.81 remipadd2:80.80.80.80 out-ip2:3COMMAND EXECUTED [17:35:08] ABILIS_CPX_2:d p ip-5RES:Ip-5 - Not Saved (SAVE CONF) ---------------------------------------------- - IP over IP (Abilis tunnel) (AIPT) ------------------------------------ DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:YES LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:NO RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001 OUT-IP2:3 GW2:# LOCIPADD2:081.081.081.081 REMIPADD2:080.080.080.080
| Tip |
|---|---|
Saving the configuration with save conf
command, the validation procedure will automatically change the
parameter |
| Tip |
|---|---|
Activation of Link Check protocol is recommended ( |
| Tip |
|---|---|
Encryption of data packets has been activated
( |
| Tip |
|---|---|
Fragmentation has been activated
( |
[17:33:19] ABILIS_CPX_1:save confVALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [17:37:31] ABILIS_CPX_1:d p ip-5RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_2 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.001.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.001.001.001 REMIPADD:217.002.002.002 OUT-IP2:3 GW2:# LOCIPADD2:080.080.080.080 REMIPADD2:081.081.081.081
[17:35:10] ABILIS_CPX_2:save confVALIDATION IN PROGRESS ... WARNING: RES:IP-5 Changed "LMPX" from YES to EXT WARNING: RES:IP-5 Changed Abilis IP Tunnel "MPX" from NO to YES, because Link "LMPX" = EXT VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED [17:44:27] ABILIS_CPX_2:d p ip-5RES:Ip-5 - IP over IP (Abilis tunnel) (AIPT) ---------------------------------- DESCR:To_Abilis_1 OPSTATE:UP LOG:NO STATE-DETECT:NORMAL LINK-FRAG:AIPT LINK-FRAGSIZE:1480 IPADD:000.000.000.000 MASK:255.255.255.000 NEIGH:192.168.000.254 REDIS:YES HIDE:NO RP:NONE IPSEC:NO VRRP:NO NAT:INSIDE UPNP:NO DIFFSERV:NO DDNS:NO OUTBUF:100 OUTQUEUE:FAIR MTU:1500 OUTSPL:NO INBUF:0 mru:1500 SRCV:NO - TRFA section --------------------------------------------------------- TRFA:NO - Link ----------------------------------------------------------------- LLOG:DS LMPX:EXT LC:YES LCOMP:NO LCR:NO LT1:3000 LT3:9000 LN2:3 LCRKEY:DFT - IP Tunnel ------------------------------------------------------------ MODE:EXT D-TOS:0-N V-TOS:0-D C-TOS:0-D MPX:YES RS-BUF:100 V-TOUT:100 V-RED:NONE PATH:DOUBLE LOCPORT:2105 REMPORT:2105 CR:YES CRKEY:DFT OUT-IP:AUTO LOCIPADD:217.002.002.002 REMIPADD:217.001.001.001 OUT-IP2:3 GW2:# LOCIPADD2:081.081.081.081 REMIPADD2:080.080.080.080
Now the configuration of the VPN is completed.
| |  | |
| 45.2. Configuring Packet Voice tunnels |  | 45.4. Tunneling diagnostics and statistics |