{"id":6861,"date":"2022-04-22T14:23:59","date_gmt":"2022-04-22T21:23:59","guid":{"rendered":"https:\/\/www.xh86.me\/?p=6861"},"modified":"2022-04-22T14:23:59","modified_gmt":"2022-04-22T21:23:59","slug":"hpe-vsr%e9%85%8d%e7%bd%ae%e7%a9%bf%e8%b6%8anat%e5%9c%ba%e6%99%af%e4%b8%8b%e7%9a%84advpn%e6%a1%88%e4%be%8b","status":"publish","type":"post","link":"https:\/\/www.xh86.me\/?p=6861","title":{"rendered":"HPE VSR\u914d\u7f6e\u7a7f\u8d8aNAT\u573a\u666f\u4e0b\u7684ADVPN\u6848\u4f8b"},"content":{"rendered":"
\n
<\/section>\n

\u524d\u9762\u6211\u4eec\u5df2\u7ecf\u5206\u522b\u4ecb\u7ecd\u4e86ADVPN\u7684\u4e24\u79cd\u7ec4\u7f51\u7ed3\u6784\uff1aHub-Spoke\uff08ADVPN\uff1aHub-Spoke\u7c7b\u578b\u7ec4\u7f51\u5b9e\u9a8c\uff09<\/strong>\u548cFull-Mesh\uff08ADVPN\uff1aFull-Mesh\u6a21\u578b\u7ec4\u7f51\u5b9e\u9a8c\uff09<\/strong>\u3002<\/p>\n

\u4f46\u662f\u8fd9\u4e24\u4e2a\u6848\u4f8b\u548c\u5b9e\u9645\u7684\u5e94\u7528\u573a\u666f\u591a\u5c11\u5b58\u5728\u4e00\u70b9\u5dee\u522b\uff0c\u6bd4\u5982\u8bf4\u5e76\u4e0d\u662f\u6240\u6709\u7684\u4f01\u4e1a\u90fd\u4f1a\u62ff\u51fa\u4e00\u53f0\u8bbe\u5907\u6216\u8005\u670d\u52a1\u5668\u6765\u642d\u5efa\u72ec\u7acb\u7684VAM\u670d\u52a1\u5668\u548cAAA\u8ba4\u8bc1\u670d\u52a1\u5668\uff0c\u4e00\u822c\u90fd\u662f\u7b80\u5316\u90e8\u7f72<\/strong>\uff0c\u80fd\u7528\u4e00\u53f0\u8bbe\u5907\u89e3\u51b3\u7684\u95ee\u9898\u5c3d\u91cf\u4e0d\u7528\u4e24\u53f0\u8bbe\u5907\u3002\u518d\u5c31\u662f\u5b9e\u9645\u4f7f\u7528\u4e2d\u4e00\u822c\u4e0d\u662f\u6240\u6709\u7684\u7ad9\u70b9\u90fd\u6709MV\u4e13\u7ebf\uff0c\u6240\u4ee5\u7a7f\u8d8aNAT<\/strong>\u662f\u5728\u6240\u96be\u514d\u7684\u3002<\/p>\n

\u7efc\u5408\u524d\u9762\u4e24\u70b9\u5427\uff0c\u672c\u6b21\u5b9e\u9a8c\u505a\u4e00\u4e9b\u5c0f\u7684\u5347\u7ea7\uff1a<\/p>\n

1\u3001\u6a21\u62df\u5668\u4eceHCL\u5347\u7ea7\u4e3aEVE-NG\uff1b<\/strong><\/p>\n

2\u3001\u8bbe\u5907\u7531MSR36\u5347\u7ea7\u4e3aHPE\u7684VSR1000\uff0c\u7248\u672c\u662f\u6700\u65b0\u7684R0633P17\uff1b<\/strong><\/p>\n

3\u3001\u7ec4\u7f51\u7ed3\u6784\u76f4\u63a5\u4e0aFull-Mesh\u6a21\u578b\uff1b<\/strong><\/p>\n

4\u3001\u5206\u652fSpoke\u8bbe\u5907\u7ecf\u8fc7NAT\u8bbe\u5907\u3002<\/strong><\/p>\n

\u672c\u6848\u4f8b\u7684\u7ec4\u7f51\u62d3\u6251\u5982\u4e0b\uff0cCT\u548cCU\u4e24\u53f0\u8bbe\u5907\u4e3aNAT\u8bbe\u5907\u3002<\/p>\n

<\/div><\/p>\n
\n
\n
\n
<\/div><\/section>\n
HUB<\/strong><\/span><\/section>\n<\/section>\n<\/section>\n<\/section>\n

\u672c\u6848\u4f8b\u4e2dHUB\u8bbe\u5907\u540c\u65f6\u62c5\u5f533\u4e2a\u8bbe\u5907\u89d2\u8272\uff1aHub\u8bbe\u5907\u3001VAM\u670d\u52a1\u5668\u548cAAA\u8ba4\u8bc1\u670d\u52a1\u5668\u3002\u540c\u65f6\u4e0d\u6d89\u53ca\u7a7f\u8d8aNAT\uff0c\u6240\u4ee5\u548c\u4e0a\u6b21\u7684\u6848\u4f8b\u76f8\u6bd4\uff0c\u53ea\u8981\u628aVAM\u8bbe\u5907\u7684\u914d\u7f6e\u548cHUB\u8bbe\u5907\u7684\u914d\u7f6e\u878d\u5408\u4e00\u4e0b\u5373\u53ef\u3002<\/p>\n

\n
#<\/span><\/span><\/code>sysname<\/span> HUB<\/span><\/span><\/code>#<\/span><\/span><\/code>ospf<\/span> 1<\/span><\/span><\/code> area<\/span> 0.0.0.0<\/span><\/span><\/code>  network<\/span> 10.1.1.0 0.0.0.255<\/span><\/span><\/code>  network<\/span> 10.10.10.0 0.0.0.255<\/span><\/span><\/code>#<\/span><\/span><\/code>interface<\/span> GigabitEthernet1\/0<\/span><\/span><\/code> ip<\/span> address 12.1.1.2 255.255.255.0<\/span><\/span><\/code>#<\/span><\/span><\/code>interface<\/span> GigabitEthernet2\/0<\/span><\/span><\/code> ip<\/span> address 10.1.1.1 255.255.255.0<\/span><\/span><\/code>#<\/span><\/span><\/code>interface<\/span> Tunnel1 mode advpn gre<\/span><\/span><\/code> ip<\/span> address 10.10.10.1 255.255.255.0<\/span><\/span><\/code> ospf<\/span> network-type broadcast<\/span><\/span><\/code> source<\/span> GigabitEthernet1\/0<\/span><\/span><\/code> tunnel<\/span> protection ipsec profile ADVPN<\/span><\/span><\/code> vam<\/span> client HUB<\/span><\/span><\/code>#<\/span><\/span><\/code>ip<\/span> route-static 0.0.0.0 0 12.1.1.1<\/span><\/span><\/code>#<\/span><\/span><\/code>domain<\/span> advpn<\/span><\/span><\/code> authentication<\/span> advpn local<\/span><\/span><\/code>#<\/span><\/span><\/code>domain<\/span> default enable advpn<\/span><\/span><\/code>#<\/span><\/span><\/code>local-user<\/span> HUB class network<\/span><\/span><\/code> password<\/span> simple HUB<\/span><\/span><\/code> service-type<\/span> advpn<\/span><\/span><\/code>#<\/span><\/span><\/code>local-user<\/span> SPOKE1 class network<\/span><\/span><\/code> password<\/span> simple SPOKE1<\/span><\/span><\/code> service-type<\/span> advpn<\/span><\/span><\/code>#<\/span><\/span><\/code>local-user<\/span> SPOKE2 class network<\/span><\/span><\/code> password<\/span> simple SPOKE2<\/span><\/span><\/code> service-type<\/span> advpn<\/span><\/span><\/code>#<\/span><\/span><\/code>ipsec<\/span> transform-set ADVPN<\/span><\/span><\/code> encapsulation-mode<\/span> transport<\/span><\/span><\/code> esp<\/span> encryption-algorithm des-cbc<\/span><\/span><\/code> esp<\/span> authentication-algorithm sha1<\/span><\/span><\/code>#<\/span><\/span><\/code>ipsec<\/span> profile ADVPN isakmp<\/span><\/span><\/code> transform-set<\/span> ADVPN<\/span><\/span><\/code> ike-profile<\/span> ADVPN<\/span><\/span><\/code>#<\/span><\/span><\/code>ike<\/span> profile ADVPN<\/span><\/span><\/code> keychain<\/span> ADVPN<\/span><\/span><\/code>#<\/span><\/span><\/code>ike<\/span> keychain ADVPN<\/span><\/span><\/code> pre-shared-key<\/span> address 0.0.0.0 0.0.0.0 key simple ADVPN<\/span><\/span><\/code>#<\/span><\/span><\/code>vam<\/span> client name HUB<\/span><\/span><\/code> advpn-domain<\/span> ADVPN<\/span><\/span><\/code> server<\/span> primary ip-address 12.1.1.2<\/span><\/span><\/code> pre-shared-key<\/span> simple ADVPN<\/span><\/span><\/code> user<\/span> HUB password simple HUB<\/span><\/span><\/code> client<\/span> enable<\/span><\/span><\/code>#<\/span><\/span><\/code>vam<\/span> server advpn-domain ADVPN id 1<\/span><\/span><\/code> pre-shared-key<\/span> simple ADVPN<\/span><\/span><\/code> server<\/span> enable<\/span><\/span><\/code> hub-group<\/span> HUB<\/span><\/span><\/code> hub<\/span> private-address 10.10.10.1<\/span><\/span><\/code> spoke<\/span> private-address range 10.10.10.0 10.10.10.255<\/span><\/span><\/code><\/pre>\n<\/section>\n
\n
\n
\n
<\/div><\/section>\n
SPOKE1<\/strong><\/span><\/section>\n<\/section>\n<\/section>\n<\/section>\n
\u8bbe\u5907\u914d\u7f6e\u6211\u4eec\u5148\u4fdd\u6301\u548c\u4e0a\u4e2a\u6848\u4f8b\u4e00\u6837\uff0c\u770b\u4e00\u4e0b\u6548\u679c\u3002<\/p>\n
\n
#<\/span><\/span><\/code>vam<\/span> client name SPOKE1<\/span><\/span><\/code> advpn-domain<\/span> ADVPN<\/span><\/span><\/code> server<\/span> primary ip-address 12.1.1.2<\/span><\/span><\/code> pre-shared-key<\/span> simple ADVPN<\/span><\/span><\/code> user<\/span> SPOKE1 password simple SPOKE1<\/span><\/span><\/code> client<\/span> enable<\/span><\/span><\/code>#<\/span><\/span><\/code>ike<\/span> keychain ADVPN<\/span><\/span><\/code> pre-shared-key<\/span> address 0.0.0.0 0.0.0.0 key simple ADVPN<\/span><\/span><\/code>#<\/span><\/span><\/code>ike<\/span> profile ADVPN<\/span><\/span><\/code> keychain<\/span> ADVPN<\/span><\/span><\/code>#<\/span><\/span><\/code>ipsec<\/span> transform-set ADVPN<\/span><\/span><\/code> encapsulation-mode<\/span> transport<\/span><\/span><\/code> esp<\/span> encryption-algorithm des-cbc<\/span><\/span><\/code> esp<\/span> authentication-algorithm sha1<\/span><\/span><\/code>#<\/span><\/span><\/code>ipsec<\/span> profile ADVPN isakmp<\/span><\/span><\/code> transform-set<\/span> ADVPN<\/span><\/span><\/code> ike-profile<\/span> ADVPN<\/span><\/span><\/code>#<\/span><\/span><\/code>ip<\/span> route-static 0.0.0.0 0 172.1.1.1<\/span><\/span><\/code>#<\/span><\/span><\/code>ospf<\/span> 1<\/span><\/span><\/code> area<\/span> 0.0.0.0<\/span><\/span><\/code>  network<\/span> 10.10.10.0 0.0.0.255<\/span><\/span><\/code>  network<\/span> 192.1.1.0 0.0.0.255<\/span><\/span><\/code>#<\/span><\/span><\/code>interface<\/span> Tunnel1 mode advpn gre<\/span><\/span><\/code> ip<\/span> address 10.10.10.2 255.255.255.0<\/span><\/span><\/code> ospf<\/span> network-type broadcast<\/span><\/span><\/code> ospf<\/span> dr-priority 0<\/span><\/span><\/code> source<\/span> GigabitEthernet1\/0<\/span><\/span><\/code> tunnel<\/span> protection ipsec profile ADVPN<\/span><\/span><\/code> vam<\/span> client SPOKE1<\/span><\/span><\/code><\/pre>\n<\/section>\n
\n
\n
\n
<\/div><\/section>\n
SPOKE2<\/strong><\/span><\/section>\n<\/section>\n<\/section>\n<\/section>\n
\u914d\u7f6e\u548cSPOKE1\u914d\u7f6e\u76f8\u4f3c\uff0c\u76f4\u63a5\u4e0a\u914d\u7f6e\u3002<\/p>\n
\n
#<\/span><\/span><\/code>vam<\/span> client name SPOKE2<\/span><\/span><\/code> advpn-domain<\/span> ADVPN<\/span><\/span><\/code> server<\/span> primary ip-address 12.1.1.2<\/span><\/span><\/code> pre-shared-key<\/span> simple ADVPN<\/span><\/span><\/code> user<\/span> SPOKE2 password simple SPOKE2<\/span><\/span><\/code> client<\/span> enable<\/span><\/span><\/code>#<\/span><\/span><\/code>ike<\/span> keychain ADVPN<\/span><\/span><\/code> pre-shared-key<\/span> address 0.0.0.0 0.0.0.0 key simple ADVPN<\/span><\/span><\/code>#<\/span><\/span><\/code>ike<\/span> profile ADVPN<\/span><\/span><\/code> keychain<\/span> ADVPN<\/span><\/span><\/code>#<\/span><\/span><\/code>ipsec<\/span> transform-set ADVPN<\/span><\/span><\/code> encapsulation-mode<\/span> transport<\/span><\/span><\/code> esp<\/span> encryption-algorithm des-cbc<\/span><\/span><\/code> esp<\/span> authentication-algorithm sha1<\/span><\/span><\/code>#<\/span><\/span><\/code>ipsec<\/span> profile ADVPN isakmp<\/span><\/span><\/code> transform-set<\/span> ADVPN<\/span><\/span><\/code> ike-profile<\/span> ADVPN<\/span><\/span><\/code>#<\/span><\/span><\/code>ip<\/span> route-static 0.0.0.0 0 172.1.1.1<\/span><\/span><\/code>#<\/span><\/span><\/code>ospf<\/span> 1<\/span><\/span><\/code> area<\/span> 0.0.0.0<\/span><\/span><\/code>  network<\/span> 10.10.10.0 0.0.0.255<\/span><\/span><\/code>  network<\/span> 192.2.1.0 0.0.0.255<\/span><\/span><\/code>#<\/span><\/span><\/code>interface<\/span> Tunnel1 mode advpn gre<\/span><\/span><\/code> ip<\/span> address 10.10.10.3 255.255.255.0<\/span><\/span><\/code> ospf<\/span> network-type broadcast<\/span><\/span><\/code> ospf<\/span> dr-priority 0<\/span><\/span><\/code> source<\/span> GigabitEthernet1\/0<\/span><\/span><\/code> tunnel<\/span> protection ipsec profile ADVPN<\/span><\/span><\/code> vam<\/span> client SPOKE2<\/span><\/span><\/code><\/pre>\n<\/section>\n
\n
\n
\n
<\/div><\/section>\n
\u9a8c\u8bc1\u914d\u7f6e<\/strong><\/span><\/section>\n<\/section>\n<\/section>\n<\/section>\n
\u73b0\u5728\u53ef\u4ee5\u76f4\u63a5\u5728HUB\u8bbe\u5907\u4e0a\u67e5\u770b\u6ce8\u518c\u4e0a\u7ebf\u7684\u6240\u6709VAM Client\u7684IPv4\u79c1\u7f51\u5730\u5740\u6620\u5c04\u4fe1\u606f\uff0c\u53ef\u4ee5\u770b\u5230HUB\u548cSPOKE\u8bbe\u5907\u5bf9\u5e94\u89d2\u8272\u3001\u96a7\u9053\u63a5\u53e3\u5730\u5740\u3001\u516c\u7f51\u5730\u5740\u3001\u6ce8\u518c\u5730\u5740\u548cIPsec\u5730\u5740+\u7aef\u53e3\u7b49\u4fe1\u606f\u3002<\/p>\n
<\/div><\/p>\n
\u53ef\u4ee5\u770b\u5230\uff0cHUB\u8bbe\u5907\u4f7f\u7528\u7684\u81ea\u8eab\u63a5\u53e3\u5730\u5740\u4e0a\u7ebf\uff0c\u6ca1\u6709\u7a7f\u8d8aNAT\uff1b\u56e0\u4e3aSPOKE1\u548cSPOKE2\u90fd\u5728NAT\u8bbe\u5907\u540e\u9762\uff0c\u6240\u4ee5\u80fd\u770b\u5230\u516c\u7f51\u5730\u5740\u548c\u6ce8\u518c\u5730\u5740\u4e0d\u76f8\u540c\u3002\u8fd8\u53ef\u4ee5\u770b\u51fa\u94fe\u8def\u534f\u8bae\u662fIPsec over GRE\uff0c\u8fd8\u6709\u5bf9\u5e94\u7684\u7aef\u53e3\u4fe1\u606f\u7b49\u3002<\/p>\n
\u67e5\u770bVAM Client\u7684\u72b6\u6001\u673a\u4fe1\u606f\u3002<\/p>\n
<\/div><\/p>\n
\u5728HUB\u8bbe\u5907\u4e0a\u67e5\u770bOSPF\u90bb\u5c45\u4fe1\u606f\u3002\u72b6\u6001\u4e3aDROther\uff0c\u8868\u793a\u8def\u7531\u5668\u65e2\u4e0d\u662f\u6240\u8fde\u7f51\u7edc\u7684\u6307\u5b9a\u8def\u7531\u5668\uff0c\u4e5f\u4e0d\u662f\u6240\u8fde\u7f51\u7edc\u7684\u5907\u4efd\u6307\u5b9a\u8def\u7531\u5668\u3002<\/p>\n
<\/div><\/p>\n
\u67e5\u770bHUB\u4e0a\u7684IPv4 ADVPN\u96a7\u9053\u4fe1\u606f\uff0c\u53ef\u4ee5\u770b\u5230\u7c7b\u578b\u662fH-S\uff0c\u8bf4\u660e\u672c\u7aef\u662fHUB\u89d2\u8272\uff0c\u5bf9\u7aef\u662fSPOKE\u89d2\u8272\u3002<\/p>\n
<\/div><\/p>\n
\u67e5\u770bSPOKE2\u4e0a\u7684IPv4 ADVPN\u96a7\u9053\u4fe1\u606f\uff0c\u53ef\u4ee5\u770b\u5230\u7c7b\u578b\u662fS-H\uff0c\u8bf4\u660e\u672c\u7aef\u662fSPOKE\u89d2\u8272\uff0c\u5bf9\u7aef\u662fHUB\u89d2\u8272\u3002<\/p>\n
<\/div><\/p>\n
\u6b64\u65f6SPOKE2\u548cSPOKE1\u4e4b\u95f4\u662f\u6ca1\u6709\u96a7\u9053\u7684\uff0c\u6211\u4eec\u8fd8\u662f\u548c\u4e0a\u6b21\u4e00\u6837\uff0c\u624b\u5de5\u89e6\u53d1\u4e00\u4e0b\u3002<\/p>\n
<\/div><\/p>\n
\u5f88\u4e0d\u5e78\uff0cSPOKE1\u548cSPOKE2\u4e4b\u95f4\u7684\u6377\u5f84\u4e00\u76f4\u5efa\u7acb\u4e0d\u8d77\u6765\uff0c\u65e0\u6cd5\u5efa\u7acb\u6377\u5f84\uff0c\u90a3\u5c31\u662fHub-Spoke\u6a21\u578b\u4e86\u3002<\/p>\n
\u5176\u5b9e\uff0c\u8fd9\u5c31\u548c\u524d\u9762\u770b\u5230\u7684IPsec over GRE\u6709\u5173\u7cfb\u4e86\uff0c\u56e0\u4e3aSPOKE1\u548cSPOKE2\u90fd\u5728NAT\u8bbe\u5907\u540e\u9762\uff0c\u6240\u4ee5\u65e0\u6cd5\u5efa\u7acb\u70b9\u5bf9\u70b9\u96a7\u9053\u3002<\/p>\n
<\/div><\/p>\n
\u90a3\u600e\u4e48\u529e\u5462\uff1f\u529e\u6cd5\u5c31\u662f\u4fee\u6539\u96a7\u9053\u63a5\u53e3\u6a21\u5f0f\uff0c\u5b98\u7f51\u7ed9\u7684\u65b9\u6cd5\u662f\u628aGRE\u5c01\u88c5\u7684ADVPN\u96a7\u9053\u4fee\u6539\u4e3aUDP\u5c01\u88c5\u7684ADVPN\u96a7\u9053\uff0c\u540c\u65f6\u53d6\u6d88\u4e86IPsec\u4fdd\u62a4<\/strong>\u3002<\/p>\n
\u914d\u7f6e\u53d8\u66f4\u5c31\u662f\u628ainterface Tunnel1 mode advpn<\/strong> gre<\/strong>\u53d8\u66f4\u4e3ainterface Tunnel1 mode advpn udp<\/strong>\uff1b\u518d\u79fb\u9664\u6389IPsec\u4fdd\u62a4\u96a7\u9053<\/strong>tunnel protection ipsec profile ADVPN\u3002<\/p>\n
\u53d8\u66f4\u540e\u7684\u914d\u7f6e\u5982\u4e0b\uff1a<\/p>\n
\n
#<\/span><\/span><\/code>interface<\/span> Tunnel1 mode advpn udp<\/span><\/span><\/code> ip<\/span> address 10.10.10.1 255.255.255.0<\/span><\/span><\/code> ospf<\/span> network-type broadcast<\/span><\/span><\/code> source<\/span> GigabitEthernet1\/0<\/span><\/span><\/code> vam<\/span> client HUB<\/span><\/span><\/code><\/pre>\n<\/section>\n
\n
#<\/span><\/span><\/code>interface<\/span> Tunnel1 mode advpn udp<\/span><\/span><\/code> ip<\/span> address 10.10.10.2 255.255.255.0<\/span><\/span><\/code> ospf<\/span> network-type broadcast<\/span><\/span><\/code> ospf<\/span> dr-priority 0<\/span><\/span><\/code> source<\/span> GigabitEthernet1\/0<\/span><\/span><\/code> vam<\/span> client SPOKE1<\/span><\/span><\/code><\/pre>\n<\/section>\n
\n
#<\/span><\/span><\/code>interface<\/span> Tunnel1 mode advpn udp<\/span><\/span><\/code> ip<\/span> address 10.10.10.3 255.255.255.0<\/span><\/span><\/code> ospf<\/span> network-type broadcast<\/span><\/span><\/code> ospf<\/span> dr-priority 0<\/span><\/span><\/code> source<\/span> GigabitEthernet1\/0<\/span><\/span><\/code> vam<\/span> client SPOKE2<\/span><\/span><\/code><\/pre>\n<\/section>\n
\u5148\u6e05\u7a7a\u4e00\u4e0bADVPN\u4f1a\u8bdd\uff0c\u518d\u6b21\u89e6\u53d1\u4e00\u4e0b\uff0c\u5c31\u80fd\u770b\u5230\u76f4\u8fde\u96a7\u9053S-S\u5efa\u7acb\u6210\u529f\u4e86,TTL\u503c\u6709\u4e00\u4e2a\u660e\u663e\u7684\u53d8\u5316\u3002<\/p>\n
<\/div><\/p>\n
\u518d\u6b21\u67e5\u770bADVPN\u4f1a\u8bdd\u8be6\u60c5\uff0c\u53ef\u4ee5\u770b\u5230ADVPN\u96a7\u9053\u4f7f\u7528\u7684\u627f\u8f7d\u94fe\u8def\u5c42\u534f\u8bae\u5df2\u7ecf\u662fUDP\u4e86\u3002<\/p>\n
<\/div><\/p>\n
\u5f53\u7136\uff0c\u6211\u786e\u8ba4\u4e86\u4e00\u4e0b\uff0c\u547d\u4ee4\u91cc\u9762\u5e94\u8be5\u4e5f\u53ef\u4ee5\u652f\u6301IPsec over UDP\uff0c\u53ea\u9700\u8981\u5728\u96a7\u9053\u63a5\u53e3\u4e0b\u9762\u628atunnel protection ipsec profile ADVPN\u547d\u4ee4\u518d\u52a0\u56de\u53bb\u5c31\u884c\u4e86\u3002<\/p>\n
<\/div><\/p>\n
\u53ef\u4ee5\u770b\u5230\uff0cSpoke-Hub\u4f1a\u8bdd\u548cSpoke-Spoke\u4f1a\u8bdd\u7684\u5efa\u7acb\u90fd\u662f\u6ca1\u6709\u95ee\u9898\u7684\uff0c\u534f\u8bae\u662fIPsec-UDP\u3002<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
\u524d\u9762\u6211\u4eec\u5df2\u7ecf\u5206\u522b\u4ecb\u7ecd\u4e86ADVPN\u7684\u4e24\u79cd\u7ec4\u7f51\u7ed3\u6784\uff1aHub-Spoke\uff08ADVPN\uff1aHub-Spoke\u7c7b\u578b\u7ec4\u7f51\u5b9e\u9a8c […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19,2],"tags":[],"class_list":["post-6861","post","type-post","status-publish","format-standard","hentry","category-19","category-network"],"_links":{"self":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts\/6861","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6861"}],"version-history":[{"count":1,"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts\/6861\/revisions"}],"predecessor-version":[{"id":7795,"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts\/6861\/revisions\/7795"}],"wp:attachment":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6861"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6861"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6861"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}