5 building vpn networks with ivm and bims, Building an ipsec vpn network – H3C Technologies H3C Intelligent Management Center User Manual

104

5 Building VPN networks with IVM and BIMS

This chapter describes using IVM and BIMS to build IPsec VPN, GRE over IPsec VPN, and DVPN

networks in which the hub device has a fixed IP address but the spoke devices have no fixed IP addresses

or reside behind a NAT or firewall device.

Figure 39 Building a VPN network

The following describes the major steps for building a VPN network:

1.

Deploy the IMC platform, IVM, and BIMS.

2.

Configure SNMP and Telnet/SSH on the hub so the platform can manage the hub.

3.

Configure CWMP on the spokes and specify the ACS as BIMS so BIMS can manage the spokes.

4.

Configure BIMS parameters on IVM so IVM can work with BIMS.

5.

IVM obtains information about hub and spoke devices and assigns configurations to the devices
through the platform and BIMS.

6.

The hub and spokes establish tunnels over the Internet.

Building an IPsec VPN network

As shown in

Figure 40

, the administrator deploys two IPsec tunnels, one between HubA and SpokeA and

the other between HubA and SpokeB, to build an IPsec VPN.