Got it

Cisco + Huawei DMVPN

Latest reply: Feb 28, 2018 01:22:10 6083 3 0 0 0

Hello, Community!


This post enquires about the Cisco + Huawei DMVPN. Please see more on this issue as you read further down.


ISSUE DESCRIPTION


Please, help me :)


I am trying to make Huawei friends with Cisco via NHRP, but nothing happens. On Cisco I run sh ip nhrp. Result: empty.


ON HUAWEI


[Huawei]display nhrp peer all

----------------------------------------------------------------------------------

Protocol-addr Mask NBMA-addr NextHop-addr Type Flag

----------------------------------------------------------------------------------

192.168.113.1 32 5.5.5.5 192.168.113.1 hub down

----------------------------------------------------------------------------------
Tunnel interface: Tunnel0/0/0


Created time : 00:20:18


Expire time : --


Number of nhrp peers: 1


[Huawei] 



CONFIGURATION BY CISCO
ro1#sh run 
Building configuration... 

Current configuration : 1841 bytes 
! Last configuration change at 05:54:37 UTC Tue Feb 27 2018 by admin 
version 15.1 
service timestamps debug datetime msec 
service timestamps log datetime localtime 
service password-encryption 
hostname ro1 
boot-start-marker 
boot-end-marker 
logging buffered 16386 
logging rate-limit 100 except warnings 
logging console critical 
enable secret 5 
aaa new-model 
aaa session-id common 
dot11 syslog 
ip source-route 

ip cef 
ip domain name corp. 
no ipv6 cef 
multilink bundle-name authenticated 
license udi pid CISCO1812-J/K9 sn FHK130423M3 
vtp version 2 
username admin password 7 
crypto ikev2 diagnose error 50 
ip ssh logging events 
ip ssh version 2 

interface Tunnel3 
 ip address 192.168.113.1 255.255.255.0 
 no ip redirects 
 ip mtu 1400 
 ip nhrp authentication j2jkJ78 
 ip nhrp map multicast dynamic 
 ip nhrp network-id 3 
 ip nhrp server-only 
 ip nhrp registration timeout 20 
 ip nhrp redirect 
 tunnel source FastEthernet0 
 tunnel mode gre multipoint 
interface BRI0 
 no ip address 
 encapsulation hdlc 
 shutdown 
interface FastEthernet0 
 ip address 5.5.5.5 255.255.255.248 
 duplex auto 
 speed auto 
interface FastEthernet1 
 no ip address 
 shutdown 
 duplex auto 
 speed auto 
interface FastEthernet2 
*** 
interface Vlan1 
 ip address 172.16.100.1 255.255.255.0 
router nhrp 
ip forward-protocol nd 
no ip http server 
no ip http secure-server 
!  
ip route 0.0.0.0 0.0.0.0 5.5.5.1 
access-list 10 permit 172.16.100.77 
control-plane 
line con 0 
line aux 0 
line vty 0 4 
 access-class 10 in 
 transport input ssh 
end 

ro1# 

CONFIGURATION BY HUAWEI
<Huawei>display current-configuration 
[V200R008C50SPC500] 
ssl renegotiation-rate 1 
 drop illegal-mac alarm 
 clock timezone Vladivostok add 10:00:00 
authentication-profile name default_authen_profile 
authentication-profile name dot1x_authen_profile 
authentication-profile name mac_authen_profile 
authentication-profile name portal_authen_profile 
authentication-profile name dot1xmac_authen_profile 
dns resolve 
dns proxy enable 
dhcp enable 
radius-server template default 
pki realm default 
ssl policy default_policy type server 
 pki-realm default 
 version tls1.0 tls1.1 
 ciphersuite rsa_aes_128_cbc_sha 
acl name GigabitEthernet0/0/4 2999 
 rule 5 permit 
free-rule-template name default_free_rule 
portal-access-profile name portal_access_profile 
aaa 
 authentication-scheme default 
 authentication-scheme radius 
  authentication-mode radius 
 authorization-scheme default 
 accounting-scheme default 
 domain default 
  authentication-scheme default 
 domain default_admin 
  authentication-scheme default 
 local-user admin password irreversible-cipher 
 local-user admin privilege level 15 
 local-user admin service-type terminal http 
web 
 set fast-configuration state disable 
 user-set Default 
 user-set VIP 
firewall zone Local 
interface Vlanif1 
 ip address 192.168.11.1 255.255.255.0 
 dhcp select interface 
 dhcp server dns-list 192.168.11.1 
interface Ethernet0/0/0 
interface GigabitEthernet0/0/0 
interface GigabitEthernet0/0/1 
interface GigabitEthernet0/0/2 
interface GigabitEthernet0/0/3 
interface GigabitEthernet0/0/4 
 ip address 3.3.3.3 255.255.255.240 
interface GigabitEthernet0/0/5 
 description VirtualPort 
 ip address 192.168.254.1 255.255.255.0 
 dhcp select interface 
 dhcp server static-bind ip-address 192.168.254.254 mac-address 0a0c-0d00-0000 
interface Cellular0/0/0 
interface NULL0 
interface Tunnel0/0/0 
 tunnel-protocol gre p2mp 
 source GigabitEthernet0/0/4 
 nhrp authentication simple j2jkJ78 
 nhrp redirect 
 nhrp shortcut 
 nhrp registration interval 20 
 nhrp network-id 3 
 nhrp entry 192.168.113.1 5.5.5.5 register 
 snmp-agent local-engineid 
 http secure-server ssl-policy default_policy 
 http server enable 
 http secure-server enable 
ip route-static 0.0.0.0 0.0.0.0 3.3.3.1 
fib regularly-refresh disable 
user-interface con 0 
 authentication-mode aaa 
user-interface vty 0 
 authentication-mode aaa 
 user privilege level 15 
user-interface vty 1 4 
wlan 
 wmm-profile name wmmf id 0 
 traffic-profile name traf id 0 
 security-profile name secf id 0 
 radio-profile name radiof id 0 
  wmm-profile id 0 
interface Wlan-Radio0/0/0 
interface Wlan-Radio0/0/1 
dot1x-access-profile name dot1x_access_profile 
mac-access-profile name mac_access_profile 
 undo ntp-service enable 
voice 
 # 
 diagnose 
ops 
autostart 
return 
<Huawei> 


What is the fault with the Cisco + Huawei DMVPN?
  • x
  • convention:

WoodWood
Created Feb 27, 2018 10:12:52

waiting for help,please
View more
  • x
  • convention:

MaxRAF
Created Feb 27, 2018 12:24:53

Ok, thank you
View more
  • x
  • convention:

Busy_with_lazy_mind
Created Feb 28, 2018 01:22:10

Which is the HUB, if huawei is Spode, delete nhrp redirect on interface tunnel configuration

interface Tunnel0/0/0
undo nhrp redirect
View more
  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.
Information Protection Guide
Thanks for using Huawei Enterprise Support Community! We will help you learn how we collect, use, store and share your personal information and the rights you have in accordance with Privacy Policy and User Agreement.