Friday, September 22 2017
GRE on Huawei routers

Generic Routing Encapsulation (GRE) encapsulates packets so that they can be transmitted over an IPv4 network. It provides a mechanism to encapsulate packets of one protocol into packets of another protocol, which allows packets to be transmitted over heterogeneous networks. GRE also provides tunnels to transparently transmit VPN packets. When a device receives a packet that needs to be encapsulated and routed, it adds a GRE header to the packet and encapsulates it into another protocol such as IP. The packet is then forwarded by the IP protocol.

Let’s configure a GRE tunnel between labnario_1 and labnario_3. All packets sent from PC_1 to PC_2, and vice versa, will be transmitted through the GRE tunnel.

First, ensure communication between the routers in the network. That configuration is omitted here.

IPSec on Huawei AR router

How to secure communication between two sites connected to the Internet?

Use a site-to-site IPsec VPN tunnel between two Huawei routers. IPsec VPN is an open standard protocol suite, defined by the IETF in the following RFCs: 2401, 2402-2412, 2451. IPsec is a widely used protocol for securing traffic on IP networks, including the Internet. IPsec can encrypt data between various devices, including router to router, firewall to router, desktop to router, and desktop to server.

How to configure an IPsec VPN using the Huawei CLI?

Let’s assume that we have two sites, Site1 and Site2. Both sites have PCs connected to the LAN, PC1 and PC2 respectively. The sites are connected through a WAN (in our case the labnarioR2 router simulates the WAN). We want to secure communication between PC1 and PC2. To do so, we have to configure an IPsec VPN tunnel between both sites. In our case the tunnel will be established between the labnarioR1 and labnarioR3 routers. Both routers will be responsible for data encryption and decryption using the specified algorithms.

Traffic policy on Huawei router

That was to be expected. Poland is out of the Euro Cup. The only thing we can do is come back to the real world :).

Today I will show you how to use ACLs and traffic policies to troubleshoot packet loss in a network.

Huawei ACL and traffic policy configuration

Let’s assume that we have the following topology:

What we have to do is check end-to-end connectivity between CE and the R2 Loopback100 interface, to find where packets are being lost.

