You are on page 1of 48

Hướng dẫn cấu hình dịch vụ MegaWAN VPN L3

VPN Service
Hướng dẫn cấu hình dịch vụ MegaWAN VPN L3...................................................................1
VPN Service........................................................................................................................... 1
I.Configuration on OLT........................................................................................................... 1
II.Configuration for Totolink...................................................................................................41

I.

Configuration on OLT

1.

Create vlan

a) Create Vlan Shub.
Browse toNe->InfrastStructure->Layer 2-> Vlan-> Create->Vlan Shub

Parameter:

Vlan ID = 2451

Mode: residential bridge

Port: NTA-1, LTA-1, LTB-1

Click Next:

After creation:

We could create shub vlan with CLI commandline:
configure vlan shub id 2451 mode cross-connect name VPN
configure vlan shub id 2451 egress-port network:1
configure vlan shub id 2451 egress-port lt:1/1/1

b) Create Pon Vlan

Browse toNe->InfrastStructure->Layer 2-> Vlan-> Create->Vlan

Vlan ID: 2451

Parameter:
Tab general:

Configuration: mode Residential Bridge

Tagging Mode: Stacked

After creation:

Create Vlan with TL1 commandline:
ENT-PONVLAN::PONVLAN-2451::::mode=rbridge,tagmode=stacked;
 Enable DHCP Option 82 on Vlan 2451, do the same with vlan 2452 on brand 2

c) Add static mac for Vlan Shub and Vlan LT
Browse to Ne->InfrastStructure->Layer 2-> Vlan Shub 2451 -> Create->Static MAC
Adress

 Add the MAC of ONT => Next

 Add port LT that has the ONT pluged in => Finish

Browse to Ne->InfrastStructure->Layer 2-> Vlan 2451 -> Create->Static MAC
Adress

 Add the MAC address of ONT => Next

 Add the bridge port that has configured vlan 2451

 Create one Arp Entry on Vlan 2451.

 Add the bridge port that associated with VLan 2451

 Add the Wan IP for Brand 1 => Next

Note: We do the same steps with brand 2 with Vlan 2452

 Add the C-Vlan ID => Finish

Note: Do the same with on Bran 2 with Vlan 2452

2.

QoS Profile

a) QoS marker
Browse toInfranstructure QoS QoS Marker Profile Create QoS Marker Profile

Profile ID: 5

• Name: Flex_NoTag_Def2
• Upstream parameter:
o General:
 Mode: flexible,
 Default Ethernet priority: Spare (2)
• Downstream parameter:
o General mode : strip tag

After creation:

Create QoS Marker profile by TL1:
> ent-qosmarkprof::5:::Flex_notag_def2:PROFTYPE=flexmode,DOT1P=2,UNTAGDS=XMITNOTAG,UNTAGU
S=usedefpriority,PRITAGUS=USEDEFCVLAN,TPID=8100

b) QoS session
Browse toInfranstructure QoS QoS Session Profile CreateQoS Session Profile

ent-qos-essprof::5:::Flex_Notag:UPMARKPROFID=12,UPMARKPROFNM=Flex_notag

3 PQ Profile
Ne->InfrastStructure->Transmission->Gpon-> Priority Queue Profile-> Create
Priority Queue Profile

Use TL1:
ENT-PROFILEPQ::3:::MegaWAN:PQ1WEIGHT=0,DOT1P0PQ=1,DOT1P1PQ=1,DOT1P2PQ=1,DOT1P3PQ=1,D
OT1P4PQ=1,DOT1P5PQ=1,DOT1P6PQ=1,DOT1P7PQ=1;
4 Bandwitdh Profile
Browse toNe->InfrastStructure->Transmission->Gpon-> Bandwitdh Profile-> Create

5 Create ONT
NE -> RACK -> SUBRACK -> SLOT -> PON -> Discovered ONT

Copy Serial number of ONT2 :

ALCLF8A3D43F

Then, create ONT2 and paste Serial Number in Indentification Tab :

NE -> RACK -> SUBRACK -> SLOT -> PON ->ONT provisioned -> Create
ONT

In Tab General , change Administrative State to Unlocked , then Finish

To Provisioned ONT, copy Active Software (ALCLF8A3D43F) to Planned Software
( Unplannded), then Apply.

6 Create Planned Card on ONT
NE -> RACK -> SUBRACK -> SLOT -> PON ->ONT provisioned -> ONT>Create Planned Card

7 Create Ethernet Port on ONT
NE -> RACK -> SUBRACK -> SLOT -> PON ->ONT provisioned -> ONT->
Planned ONT Card-> Create Ethernet port

8 Service Portal
Ne-> Rack->Subrack->Slot->Pon->ONT->ONT Provisioned->ONT->Planned
ONT Card-> Service Portal.

9 Service Flow
NE -> RACK -> SUBRACK -> SLOT -> PON ->ONT provisioned -> ONT>Planned ONT Card-> Service Flow-> Create service flow

Following above steps, we can create 2 service flows on 2 ONTs for testing VPN
service.

II.

Configuration for Totolink
1. Brand 1:
-

Operation mode: Gateway

-

Wan Interface:

-

-

o

IP: 10.0.2.2

o

Subnet mask: 255.255.255.252

o

Gateway: 10.0.2.1

o

Các option khác: Enable ping from WAN, Enable IPSec.

Lan Inteface:
o

IP: 192.168.2.1

o

Subnet mask: 255.255.255.0

Route Setup:
o

Enable dynamic route

o

Disable NAT

o

Add route:

Route 1:

IP: 10.0.3.0

Subnet Mask: 255.255.255.252

Gateway: 10.0.2.1

Metric: 1

Interface: WAN

Route 2:

IP: 192.168.3.0

Subnet Mask: 255.255.255.252

Gateway: 10.0.2.1

Metric: 1

Interface: WAN

Dưới đây là các hình mô tả cấu hình của totolink trên brand 1:
Operation Mode:

WAN Interface Setup:

LAN Interface Setup:

Routing Setup:

2. Brand 2:
-

Operation mode: Gateway

-

Wan Interface:

-

o

IP: 10.0.3.2

o

Subnet mask: 255.255.255.252

o

Gateway: 10.0.3.1

o

Các option khác: Enable ping from WAN, Enable IPSec.

Lan Inteface:
o

IP: 192.168.3.1

o

Subnet mask: 255.255.255.0

-

Route Setup:
o

Enable dynamic route

o

Disable NAT

o

Add route:

Route 1:

IP: 10.0.2.0

Subnet Mask: 255.255.255.252

Gateway: 10.0.3.1

Metric: 1

Interface: WAN

Route 2:

IP: 192.168.2.0

Subnet Mask: 255.255.255.252

Gateway: 10.0.3.1

Metric: 1

Interface: WAN

Dưới đây là các hình mô tả cấu hình của totolink trên brand 2:
Operation Mode:

WAN Interface Setup:

LAN Interface Setup:

Routing Setup: