You are on page 1of 48

Hng dn cu hnh dch v MegaWAN VPN L3

VPN Service
Hng dn cu hnh dch v MegaWAN VPN L3...................................................................1
VPN Service........................................................................................................................... 1
I.Configuration on OLT........................................................................................................... 1
II.Configuration for Totolink...................................................................................................41

I.

Configuration on OLT

1.

Create vlan

a) Create Vlan Shub.


Browse toNe->InfrastStructure->Layer 2-> Vlan-> Create->Vlan Shub

Parameter:

Vlan ID = 2451

Mode: residential bridge

Port: NTA-1, LTA-1, LTB-1

Click Next:

After creation:

We could create shub vlan with CLI commandline:


configure vlan shub id 2451 mode cross-connect name VPN
configure vlan shub id 2451 egress-port network:1
configure vlan shub id 2451 egress-port lt:1/1/1

b) Create Pon Vlan

Browse toNe->InfrastStructure->Layer 2-> Vlan-> Create->Vlan

Vlan ID: 2451

Parameter:
Tab general:

Configuration: mode Residential Bridge

Tagging Mode: Stacked

After creation:

Create Vlan with TL1 commandline:


ENT-PONVLAN::PONVLAN-2451::::mode=rbridge,tagmode=stacked;
Enable DHCP Option 82 on Vlan 2451, do the same with vlan 2452 on brand 2

c) Add static mac for Vlan Shub and Vlan LT


Browse to Ne->InfrastStructure->Layer 2-> Vlan Shub 2451 -> Create->Static MAC
Adress

Add the MAC of ONT => Next

Add port LT that has the ONT pluged in => Finish

Browse to Ne->InfrastStructure->Layer 2-> Vlan 2451 -> Create->Static MAC


Adress

Add the MAC address of ONT => Next

Add the bridge port that has configured vlan 2451

Create one Arp Entry on Vlan 2451.

Add the bridge port that associated with VLan 2451

Add the Wan IP for Brand 1 => Next

Note: We do the same steps with brand 2 with Vlan 2452

Add the C-Vlan ID => Finish

Note: Do the same with on Bran 2 with Vlan 2452

2.

QoS Profile

a) QoS marker
Browse toInfranstructure QoS QoS Marker Profile Create QoS Marker Profile

Profile ID: 5

Name: Flex_NoTag_Def2
Upstream parameter:
o General:
Mode: flexible,
Default Ethernet priority: Spare (2)
Downstream parameter:
o General mode : strip tag

After creation:

Create QoS Marker profile by TL1:


> ent-qosmarkprof::5:::Flex_notag_def2:PROFTYPE=flexmode,DOT1P=2,UNTAGDS=XMITNOTAG,UNTAGU
S=usedefpriority,PRITAGUS=USEDEFCVLAN,TPID=8100

b) QoS session
Browse toInfranstructure QoS QoS Session Profile CreateQoS Session Profile

ent-qos-essprof::5:::Flex_Notag:UPMARKPROFID=12,UPMARKPROFNM=Flex_notag

3 PQ Profile
Ne->InfrastStructure->Transmission->Gpon-> Priority Queue Profile-> Create
Priority Queue Profile

Use TL1:
ENT-PROFILEPQ::3:::MegaWAN:PQ1WEIGHT=0,DOT1P0PQ=1,DOT1P1PQ=1,DOT1P2PQ=1,DOT1P3PQ=1,D
OT1P4PQ=1,DOT1P5PQ=1,DOT1P6PQ=1,DOT1P7PQ=1;
4 Bandwitdh Profile
Browse toNe->InfrastStructure->Transmission->Gpon-> Bandwitdh Profile-> Create

5 Create ONT
NE -> RACK -> SUBRACK -> SLOT -> PON -> Discovered ONT

Copy Serial number of ONT2 :

ALCLF8A3D43F

Then, create ONT2 and paste Serial Number in Indentification Tab :

NE -> RACK -> SUBRACK -> SLOT -> PON ->ONT provisioned -> Create
ONT

In Tab General , change Administrative State to Unlocked , then Finish

To Provisioned ONT, copy Active Software (ALCLF8A3D43F) to Planned Software


( Unplannded), then Apply.

6 Create Planned Card on ONT


NE -> RACK -> SUBRACK -> SLOT -> PON ->ONT provisioned -> ONT>Create Planned Card

7 Create Ethernet Port on ONT


NE -> RACK -> SUBRACK -> SLOT -> PON ->ONT provisioned -> ONT->
Planned ONT Card-> Create Ethernet port

8 Service Portal
Ne-> Rack->Subrack->Slot->Pon->ONT->ONT Provisioned->ONT->Planned
ONT Card-> Service Portal.

9 Service Flow
NE -> RACK -> SUBRACK -> SLOT -> PON ->ONT provisioned -> ONT>Planned ONT Card-> Service Flow-> Create service flow

Following above steps, we can create 2 service flows on 2 ONTs for testing VPN
service.

II.

Configuration for Totolink


1. Brand 1:
-

Operation mode: Gateway

Wan Interface:

IP: 10.0.2.2

Subnet mask: 255.255.255.252

Gateway: 10.0.2.1

Cc option khc: Enable ping from WAN, Enable IPSec.

Lan Inteface:
o

IP: 192.168.2.1

Subnet mask: 255.255.255.0

Route Setup:
o

Enable dynamic route

Disable NAT

Add route:

Route 1:

IP: 10.0.3.0

Subnet Mask: 255.255.255.252

Gateway: 10.0.2.1

Metric: 1

Interface: WAN

Route 2:

IP: 192.168.3.0

Subnet Mask: 255.255.255.252

Gateway: 10.0.2.1

Metric: 1

Interface: WAN

Di y l cc hnh m t cu hnh ca totolink trn brand 1:


Operation Mode:

WAN Interface Setup:

LAN Interface Setup:

Routing Setup:

2. Brand 2:
-

Operation mode: Gateway

Wan Interface:

IP: 10.0.3.2

Subnet mask: 255.255.255.252

Gateway: 10.0.3.1

Cc option khc: Enable ping from WAN, Enable IPSec.

Lan Inteface:
o

IP: 192.168.3.1

Subnet mask: 255.255.255.0

Route Setup:
o

Enable dynamic route

Disable NAT

Add route:

Route 1:

IP: 10.0.2.0

Subnet Mask: 255.255.255.252

Gateway: 10.0.3.1

Metric: 1

Interface: WAN

Route 2:

IP: 192.168.2.0

Subnet Mask: 255.255.255.252

Gateway: 10.0.3.1

Metric: 1

Interface: WAN

Di y l cc hnh m t cu hnh ca totolink trn brand 2:


Operation Mode:

WAN Interface Setup:

LAN Interface Setup:

Routing Setup: