H3C Technologies H3C SecPath F1000-E User Manual

Page 60

Advertising
background image

27

[LNS-isp-aaa.net] ip pool 1 10.0.1.10 10.0.1.100

[LNS-isp-aaa.net] quit

[LNS] domain bbb.net

[LNS-isp-bbb.net] authentication ppp local

[LNS-isp-bbb.net] ip pool 1 10.0.2.10 10.0.2.100

[LNS-isp-bbb.net] quit

# Create two virtual template interfaces.

[LNS] interface virtual-template 1

[LNS-Virtual-Template1] ip address 10.0.1.1 255.255.255.0

[LNS-Virtual-Template1] remote address pool 1

[LNS-Virtual-Template1] ppp authentication-mode chap domain aaa.net

[LNS-Virtual-Template1] quit

[LNS] interface virtual-template 2

[LNS-Virtual-Template2] ip address 10.0.2.1 255.255.255.0

[LNS-Virtual-Template2] remote address pool 1

[LNS-Virtual-Template2] ppp authentication-mode chap domain bbb.net

[LNS-Virtual-Template2] quit

# Create two L2TP groups.

[LNS] l2tp-group 3

[LNS-l2tp3] tunnel name LNS

[LNS-l2tp3] tunnel authentication

[LNS-l2tp3] allow l2tp virtual-template 1 remote LAC-1 domain aaa.net

[LNS-l2tp3] tunnel password simple 12345

[LNS-l2tp3] quit

[LNS] l2tp-group 4

[LNS-l2tp4] tunnel name LNS

[LNS-l2tp4] tunnel authentication

[LNS-l2tp4] allow l2tp virtual-template 2 remote LAC-1 domain bbb.net

[LNS-l2tp4] tunnel password simple 12345

If RADIUS authentication is required on the LNS, modify the AAA configurations as needed. For AAA
configuration information, see RADIUS Configuration in the Firewall Web Configuration Manual.

Step3

Configure the users

Create a dial-up connection on each host.

On Host A, enter [email protected] as the username and 11111 as the password in the dial-up

terminal window.

On Host B, enter [email protected] as the username and 22222 as the password in the dial-up

terminal window.

Step4

Verify the configurations

# After Host A establishes a dial-up connection with enterprise 1, Host A obtains the IP address 10.0.1.10

and can ping the private address of the LNS (10.0.1.1).
# After Host B establishes a dial-up connection with enterprise 2, Host B obtains the IP address 10.0.2.10

and can ping the private address of the LNS (10.0.2.1).
# On the LNS, use the display l2tp session command to check the established L2TP sessions.

[LNS-l2tp1] display l2tp session

Total session = 2

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecBlade FW Cards, H3C SecPath U200-A U200-M U200-S

Popular Brands
Popular manuals