Tip
This is the documentation for the 20.08 version. Looking for the documentation of the latest version? Have a look here.
Configuring the IPsec Interface¶
TNSR supports routed IPsec via the ipipX
interface. The number of the
ipsec
interface corresponds to the index number of the tunnel set
previously. For example ipsec tunnel 0
is ipip0
, and ipsec tunnel 2
is ipip2
.
These IPsec interfaces are used to configure routed IPsec connectivity and they behave like most other interfaces. For example, they can have access lists defined to filter traffic.
The ipipX
interface should be configured with an IP address and the peer
will have its own IP address in the same subnet. This allows the two endpoints
to communicate directly over the IPsec interface and also gives the peer an
address through which traffic for other subnets may be routed. When configured
in this way, it acts like a directly connected point-to-point link to the peer.
IPsec Interface Example¶
In this example, the ipip0
interface is given an address of
172.32.0.1/30
. The remote peer will be 172.32.0.2/30
tnsr(config)# interface ipip0
tnsr(config-interface)# ip address 172.32.0.1/30
tnsr(config-interface)# enable
tnsr(config-interface)# exit