381
# Configure RADIUS scheme
abc
.
<PrimaryServer> system-view
[PrimaryServer] radius scheme abc
[PrimaryServer-radius-abc] primary authentication 1.0.0.10 1812
[PrimaryServer-radius-abc] primary accounting 1.0.0.10 1813
[PrimaryServer-radius-abc] key authentication simple 123
[PrimaryServer-radius-abc] key accounting simple 123
[PrimaryServer-radius-abc] user-name-format without-domain
[PrimaryServer-radius-abc] quit
[PrimaryServer] radius session-control enable
# Configure AAA methods for ISP domain
abc
.
[PrimaryServer] domain abc
[PrimaryServer-isp-abc] authentication advpn radius-scheme abc
[PrimaryServer-isp-abc] accounting advpn radius-scheme abc
[PrimaryServer-isp-abc] quit
[PrimaryServer] domain default enable abc
3.
Configure the VAM server:
# Create ADVPN domain
abc
.
[PrimaryServer] vam server advpn-domain abc id 1
# Create hub group 0.
[PrimaryServer-vam-server-domain-abc] hub-group 0
# Specify hub private IPv4 addresses.
[PrimaryServer-vam-server-domain-abc-hub-group-0] hub private-address 192.168.0.1
[PrimaryServer-vam-server-domain-abc-hub-group-0] hub private-address 192.168.0.2
[PrimaryServer-vam-server-domain-abc-hub-group-0] hub private-address 192.168.0.3
[PrimaryServer-vam-server-domain-abc-hub-group-0] quit
# Create hub group 1.
[PrimaryServer-vam-server-domain-abc] hub-group 1
# Specify hub private IPv4 addresses.
[PrimaryServer-vam-server-domain-abc-hub-group-1] hub private-address 192.168.1.1
[PrimaryServer-vam-server-domain-abc-hub-group-1] hub private-address 192.168.1.2
# Specify a spoke private IPv4 network.
[PrimaryServer-vam-server-domain-abc-hub-group-1] spoke private-address network
192.168.1.0 255.255.255.0
# Allow establishing direct spoke-spoke tunnels.
[PrimaryServer-vam-server-domain-abc-hub-group-1] shortcut interest all
[PrimaryServer-vam-server-domain-abc-hub-group-1] quit
# Create hub group 2.
[PrimaryServer-vam-server-domain-abc] hub-group 2
# Specify the hub private IPv4 address.
[PrimaryServer-vam-server-domain-abc-hub-group-2] hub private-address 192.168.2.1
# Specify a spoke private IPv4 network.
[PrimaryServer-vam-server-domain-abc-hub-group-2] spoke private-address network
192.168.2.0 255.255.255.0
# Allow establishing direct spoke-spoke tunnels.
[PrimaryServer-vam-server-domain-abc-hub-group-2] shortcut interest all
[PrimaryServer-vam-server-domain-abc-hub-group-2] quit