beautypg.com

Configuring an lac to establish an l2tp tunnel – H3C Technologies H3C SecPath F1000-E User Manual

Page 44

background image

11

Configuring an LAC to Establish an L2TP Tunnel

To configure an LAC to establish an L2TP tunnel, you need to:

Create a virtual template interface.

Configure the virtual template interface parameters, including the IP address, the PPP authentication

method for the LAC to use to authenticate the virtual PPP user, the PPP authentication method
supported by the virtual PPP user, and the username and password of the virtual PPP user. The

authentication method to be used by the LAC and that supported by the virtual PPP user must be

consistent.

Configure AAA authentication for VPN users on the LAC. The configured username and password
for AAA authentication must be the same as those configured for PPP authentication on the virtual

template interface.

Trigger the LAC to establish an L2TP tunnel.

Follow these steps to trigger an LAC to establish an L2TP tunnel:

To do…

Use the command…

Remarks

Enter system view

system-view

Create a virtual template interface
and enter its view

interface virtual-template
virtual-template-number

Required
By default, no virtual template
interface exists.

Assign an IP address to the virtual

template interface

ip address address mask

Required
Not assigned by default

Configure the authentication method
for the LAC to use to authenticate the

virtual PPP user

ppp authentication-mode
{ chap | pap } [ domain

isp-name ]

Required
By default, no authentication is
performed for PPP users.

Configure the username and
password for PAP authentication

ppp pap local-user username
password { cipher | simple }

password

Required
No PAP
username and

password are

configured for

PPP users.

Configure the username for CHAP
authentication

ppp chap user username

Configure the password for CHAP
authentication

ppp chap password
{ cipher | simple } password

Required
No CHAP

username and

password are
configured for

PPP users.

Use one
approach

according to the

authentication
method

configured on

the LAC for

virtual PPP users

Configure AAA authentication for
VPN users on the LAC side

See

Configuring AAA

Authentication for VPN Users on

LAC Side

for more information.

Required

Trigger the LAC to establish an L2TP
tunnel with the LNS

l2tp-auto-client enable

Required
By default, an LAC does not
establish an L2TP tunnel.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: