beautypg.com

Configuring an lns, Creating a virtual template interface – H3C Technologies H3C SecPath F1000-E User Manual

Page 45

background image

12

NOTE:

An L2TP tunnel established in LAC-auto-initiated mode exists until you remove the tunnel by using the undo
l2tp-auto-client enable command.

Configuring an LNS

An LNS responds the tunneling requests from an LAC, authenticates users, and assigns IP addresses to

users.
Before configuring an LNS, you need to enable L2TP and create an L2TP group.

Creating a Virtual Template Interface

A virtual template interface is intended to provide parameters for virtual access interfaces to be

dynamically created by the device, such as logical MP interfaces and logical L2TP interfaces.
After an L2TP session is established, a virtual access interface is needed for data exchange with the peer.

An LNS can use different virtual access (VA) interfaces to exchange data with different LACs. Hence, you

need to specify the virtual template interface for receiving calls. The system will dynamically create a VA

interface based on the configuration parameters in the specified virtual template interface.
Follow these steps to create a virtual template interface:

To do…

Use the command…

Remarks

Enter system view

system-view

Create a virtual template interface
and enter its view

interface virtual-template
virtual-template-number

Required
By default, no virtual template
interface exists.

Configuring the Local Address and the Address Pool for
Allocation

After an L2TP tunnel is set up between an LAC and an LNS, the LNS needs to assign an IP address to a
VPN user. For this purpose, you can directly specify an IP address, or specify an address pool. Before
specifying an address pool, use the ip pool command in system view or ISP domain view to define the

address pool. For a VPN user to be authenticated, an IP address will be selected from the address pool

configured in ISP domain view. For a VPN user not requiring authentication, the IP address will be
selected from the global address pool defined in system view.
Follow these steps to configure a local address and address pool:

To do…

Use the command…

Remarks

Enter system view

system-view

Enter virtual template interface
view

interface virtual-template
virtual-template-number

Configure the local IP address

ip address ip-address { mask |
mask-length } [ sub ]

Required

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: