HPE MSR series router NAT, DHCP, SSH config

1. NAT Configuration

  1.1. Define Access List

[Router] acl basic 2001 
[Router] step 1
[Router] rule 0 permit
[Router] rule 10 deny

2. Interfaces Configuration

  2.1. External (WAN) interface configuration

[Router] interface GigabitEthernet 0/0/0
[Router] ip address 10.163.195.2 255.255.255.0
[Router] nat outbound 2001

   2.2. Internal (LAN) sub-interfaces configuration

[Router] interface GigabitEthernet 0/0/1.2
[Router] ip address 192.168.1.2 255.255.255.0
[Router] vlan-type dot1q vid 2

[Router] interface GigabitEthernet 0/0/1.3
[Router] ip address 192.168.2.2 255.255.255.0
[Router] vlan-type dot1q vid 3

[Router] interface GigabitEthernet 0/0/1.4
[Router] ip address 192.168.3.2 255.255.255.0
[Router] vlan-type dot1q vid 4

3. DHCP Server Configuration

   3.1. Enable DHCP service on router

[Router] dhcp enable

   3.2. Define dhcp settings for vlan 2

[Router] dhcp server ip-pool vlan 2
[Router] network 192.168.1.0 mask 255.255.255.0
[Router] dns-list 8.8.8.8
[Router] gateway-list 192.168.1.2

  3.3. Define dhcp settings for vlan 3

[Router] dhcp server ip-pool vlan 3
[Router] network 192.168.2.0 mask 255.255.255.0
[Router] dns-list 8.8.8.8
[Router] gateway-list 192.168.2.2

  3.4. Define dhcp settings for vlan 4

[Router] dhcp server ip-pool vlan 4
[Router] network 192.168.3.0 mask 255.255.255.0
[Router] dns-list 8.8.8.8
[Router] gateway-list 192.168.3.2

4. Apply DHCP server pools to specific sub-interfaces

  4.1 Apply dhcp pool [server ip-pool vlan 2] to sub-interface GigabitEthernet 0/0/1.2

[Router] interface GigabitEthernet 0/0/1.2
[Router] dhcp server apply ip-pool vlan 2

 4.2 Apply dhcp pool [server ip-pool vlan 3] to sub-interface GigabitEthernet 0/0/1.3

[Router] interface GigabitEthernet 0/0/1.3
[Router] dhcp server apply ip-pool vlan 3

4.3 Apply dhcp pool [server ip-pool vlan 3] to sub-interface GigabitEthernet 0/0/1.4

[Router] interface GigabitEthernet 0/0/1.4
[Router] dhcp server apply ip-pool vlan 4

5. Define default-gateway to ISP

[Router] ip route static 0.0.0.0 0.0.0.0 10.163.195.1


SSH Configuration 

1. Create a SSH client and define client privilege:

[Router] local-user admin
[Router] password simple ssh_client
[Router] authorization-attribute level 3
[Router] service-type ssh

2. Define the User Interface:

[Router] user-interface vty 0 4
[Router] authentication-mode scheme
[Router] protocol inbound ssh

3. Define the public key and enable SSH server

[Router] public-key local create rsa
[Router] public-key local create dsa
[Router] ssh server enable

After configuration you will be able to SSH the Router either from  WAN IP address or LAN IP address as well. 

Comments

Popular posts from this blog

Mikrotik Router OS CAPsMAN Wifi Controller Simple Configuration

Quality of Service scenarios and configuration HP Series 2530 Switches