Got it
Huawei Enterprise Support Community
Community Forums Security
Route between VPN-instanc...

Route between VPN-instances

Created: Sep 20, 2018 16:34:30Latest reply: Sep 20, 2018 17:30:22 1765 2 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

This post enquires about the route between VPN-instances. Please see more details below.


I have two networks in different vpn-instances:


  • network A is in a public routing table;

  • network B is in vpn-instance B.

I need to establish the communication from network A to network B. Is there a way on the USG to achieve this without having to do any physical cabling?


I've tried the following static route command, but it did not work:


ip route-static x.x.x.241 32 vpn-instance vpn-instance B x.x.x.254


Like (0) Dislike (0) Favorite(0) Share Report
Previous: How to upgrade from USG6300 version V500R001C30SPC100 to version V500R001C60SPC500
Next: How enterprise mobile users access internal networks.
Featured Answers

Best answer

(0) (0)
Sergio93
Created Sep 20, 2018 16:50:39

Hello!

Please check this example - USG does have the commands, in the example there is a switch:

Route between VPN-instances-2756503-1

The configuration from SW1 : 
#

vlan batch 2

#

ip vpn-instance test

ipv4-family

  route-distinguisher 100:1

  import route-policy 1

  vpn-target 1:1 export-extcommunity

  vpn-target 1:1 import-extcommunity

#

ip vpn-instance test2

ipv4-family

  route-distinguisher 100:2

  export route-policy 2

  vpn-target 1:1 export-extcommunity

  vpn-target 1:1 import-extcommunity

#

 
interface Vlanif1

ip binding vpn-instance test

ip address 1.1.1.1 255.255.255.0

#

interface Vlanif2

ip binding vpn-instance test2

ip address 2.1.1.1 255.255.255.0

#

interface GigabitEthernet0/0/1

port link-type access

port default vlan 1

#

interface GigabitEthernet0/0/2

port link-type access

port default vlan 2

#

bgp 1

router-id 1.1.1.1

#

ipv4-family unicast

  undo synchronization

#

ipv4-family vpn-instance test

  import-route direct

#

ipv4-family vpn-instance test2

  import-route direct

#

PC 1:
 
Route between VPN-instances-2756503-2

PC 2:
 
Route between VPN-instances-2756503-3

Result:
 
Route between VPN-instances-2756503-4
View more
  • x
  • convention:
All Answers
(0) (0)
2#
Sergio93
Sergio93 Created Sep 20, 2018 16:50:39

Hello!

Please check this example - USG does have the commands, in the example there is a switch:

Route between VPN-instances-2756503-1

The configuration from SW1 : 
#

vlan batch 2

#

ip vpn-instance test

ipv4-family

  route-distinguisher 100:1

  import route-policy 1

  vpn-target 1:1 export-extcommunity

  vpn-target 1:1 import-extcommunity

#

ip vpn-instance test2

ipv4-family

  route-distinguisher 100:2

  export route-policy 2

  vpn-target 1:1 export-extcommunity

  vpn-target 1:1 import-extcommunity

#

 
interface Vlanif1

ip binding vpn-instance test

ip address 1.1.1.1 255.255.255.0

#

interface Vlanif2

ip binding vpn-instance test2

ip address 2.1.1.1 255.255.255.0

#

interface GigabitEthernet0/0/1

port link-type access

port default vlan 1

#

interface GigabitEthernet0/0/2

port link-type access

port default vlan 2

#

bgp 1

router-id 1.1.1.1

#

ipv4-family unicast

  undo synchronization

#

ipv4-family vpn-instance test

  import-route direct

#

ipv4-family vpn-instance test2

  import-route direct

#

PC 1:
 
Route between VPN-instances-2756503-2

PC 2:
 
Route between VPN-instances-2756503-3

Result:
 
Route between VPN-instances-2756503-4
View more
  • x
  • convention:
(0) (0)
3#
Fernandoizsa
Fernandoizsa Created Sep 20, 2018 17:30:22


Hi i attach a example configuration of Different VPN Instances .


http://support.huawei.com/hedex/hdx.do?lib=EDOC1000159731DEF0819B&docid=EDOC1000159731&lang=en&v=11&tocLib=EDOC1000159731DEF0819B&tocV=11&id=dc_cfg_ipsec_example_0013&tocURL=resources%2fdc%2fdc%5fcfg%5fipsec%5fexample%5f0013%2ehtml&p=t&fe=1&ui=3&keyword=vpn&keyword=exampl&keyword=instanc&text=CLI%25253A%252B%25253Cb%25253EExample%25253C%25252Fb%25253E%252Bfor%252BConfiguring%252BIPSec%252Bin%252BDifferent%252B%25253Cb%25253EVPN%25253C%25252Fb%25253E%252B%25253Cb%25253EInstances%25253C%25252Fb%25253E%252B%252528Using%252Bthe%252BTunnel%252BInterface%252Bfor%252BInter-%25253Cb%25253EVPN%25253C%25252Fb%25253E%252BForwarding%252529

Please refer to the next link
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.