Verifying the configuration – H3C Technologies H3C SecPath F5020 User Manual

Page 53

Advertising
background image

45

[LNS-isp-system] quit

# Enable L2TP, and create L2TP group 1 in LNS mode.

[LNS] l2tp enable

[LNS] l2tp-group 1 mode lns

# Configure the local tunnel name as LNS, and specify Virtual-Template 1 for receiving tunneling
requests from a specified LAC.

[LNS-l2tp1] tunnel name LNS

[LNS-l2tp1] allow l2tp virtual-template 1 remote LAC

# Enable tunnel authentication, and configure the authentication key as aabbcc.

[LNS-l2tp1] tunnel authentication

[LNS-l2tp1] tunnel password simple aabbcc

[LNS-l2tp1] quit

# Configure a static route so that packets destined for the PPP user will be forwarded through the

L2TP tunnel.

[LNS] ip route-static 10.2.0.0 16 192.168.0.2

2.

Configure the LAC:
# Configure IP addresses for the interfaces. (Details not shown.)
# Enable L2TP.

<LAC> system-view

[LAC] l2tp enable

# Create L2TP group 1 in LAC mode.

[LAC] l2tp-group 1 mode lac

# Configure the local tunnel name as LAC, and specify the IP address of the tunnel peer (LNS).

[LAC-l2tp1] tunnel name LAC

[LAC-l2tp1] lns-ip 3.3.3.2

# Enable tunnel authentication, and configure the authentication key as aabbcc.

[LAC-l2tp1] tunnel authentication

[LAC-l2tp1] tunnel password simple aabbcc

[LAC-l2tp1] quit

# Create virtual PPP interface Virtual-PPP 1. Configure its username and password as vpdnuser
and Hello and PPP authentication as PAP.

[LAC] interface virtual-ppp 1

[LAC-Virtual-PPP1] ip address ppp-negotiate

[LAC-Virtual-PPP1] ppp pap local-user vpdnuser password simple Hello

[LAC-Virtual-PPP1] quit

# Configure a static route so that packets destined for the corporate network will be forwarded

through the L2TP tunnel.

[LAC] ip route-static 10.1.0.0 16 virtual-ppp 1

# Trigger the LAC to establish an L2TP tunnel with the LNS.

[LAC] interface virtual-ppp 1

[LAC-Virtual-PPP1] l2tp-auto-client l2tp-group 1

3.

On the remote host, configure the LAC as the gateway.

Verifying the configuration

# On the LNS, use the display l2tp session command to display the established L2TP session.

[LNS] display l2tp session

Advertising
This manual is related to the following products:

H3C SecPath F5040, H3C VMSG VFW1000

Popular Brands
Popular manuals