Westermo RedFox Series User Manual
Page 850
Westermo OS Management Guide
Version 4.17.0-0
– Dynamic routing: It is possible to use dynamic routing protocols such
as OSFP (
) at Alice and Bob to exchange
routes. Below is a sample RIP configuration at Alice (
), but the
setup would be the same at the VPN client (Bob).
Example
alice:/config/#> router
alice:/config/router/#> rip
Activating RIP with default settings, type ’abort’ to cancel.
alice:/config/router/rip/#> network vlan1
alice:/config/router/rip/#> network ssl0
alice:/config/router/rip/#> leave
Configuration activated. Remember "copy run start" to save to flash (NVRAM).
alice:/#>
– Static routing: When using static routing to route traffic between the
office networks in
, Bob should be configured with a static IP
address on his SSL interface (rather than acquiring it dynamically as
described in
). Here we assume that Bob’s SSL inter-
face has IP address 10.0.2.2/24. In addition, Bob can disable routes or
addresses pushed by Alice using the ”no pull” setting.
Example
bob:/config/#> iface ssl0
bob:/config/iface-ssl0/#> inet static
bob:/config/iface-ssl0/#> address 10.0.2.2/24
bob:/config/iface-ssl0/#> end
bob:/config/#> tunnel
bob:/config/tunnel/#> ssl 0
bob:/config/tunnel/ssl-0/#> no pull
bob:/config/tunnel/ssl-0/#> end
bob:/config/tunnel/#>
Alice and Bob can then setup static routes to their respective networks.
Here we show how Alice defines a static route to the office network at
Bob (10.0.3.0/24).
Example
alice:/config/#> ip
alice:/config/ip/#> route 10.0.3.0/24 10.0.2.2
alice:/config/ip/#>
Bob would add a corresponding static route to the central office subnet
(”route 10.0.0.0/24 10.0.2.1”).
850
➞ 2015 Westermo Teleindustri AB