Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

Interface VPN Commands

14-126 Configuring the VPN

ip address negotiated

ThiscommandmarkstheVPNinterfacetodynamicallygetitsIPaddressviathetunnelprotocol.

PPTPandL2TPprotocolsusePPPIPCPandIPSec/IKEusestheModeConfigurationprotocol.

Syntax

ip address negotiated

Syntax of the “no” Form

no ip address negotiated

Mode

InterfaceInternetProtocolconfiguration:XSR(config-int<vpn>)#

Example

ThefollowingexamplesetstheVPNinterfacetogetitsIPaddressfromthetunnelprotocol:

XSR(config)#interface vpn 57 point-to-point

XSR(config-int<vpn>)#ip address negotiated

ip multicast-redirect

Thiscommandcontrolsredirectionofmulticastpacketstotheunicastaddressoftheremote

tunnelendpointortoanexplicitlydefinedaddresssuchasanotherIPaddressattheendofan

unnumberedtunnel.ThecommandisusefulbecausenativeIPSectunnelsattachedtoVPN

interfaceswillnoteasilyforwardmulticast

trafficwithoutsubstantialcryptomapconfiguration.

MulticastredirectionmustbeenabledtosupportRIPoverIPSectunnelswhenexplicitmulticast

policyrulesarenotincludedintheSecurityPolicyDatabase.RedirectionisnotrequiredforPPTP

andL2TPtunnels.

Syntax

ip multicast-redirect [tunnel-endpoint | ip-address]

Syntax of the “no” Form

Thenoformofthecommanddisablesmulticastpacketredirectionandallowsmulticasttrafficto

flowthroughthetunnelwithoutmodification:

no ip multicast-redirect [tunnel-endpoint | ip-address]

Note: Multicast redirection, if enabled, applies to all tunnels terminating at a point-to-multipoint VPN

interface.

tunnel-endpoint

RedirectsmulticasttotheremotetunnelendpointʹsIPaddressas

dynamicallysetduring tunnelcreation.

ip-address

Redirectsmulticasttraffictoanexplicit,predefinedaddress.

previous next