L2tp configuration examples, Configuration example for nas-initiated vpn, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual

18

To do…

Use the command…

Remarks

Display information about L2TP
sessions

display l2tp session

Available in any view

L2TP Configuration Examples

Configuration Example for NAS-Initiated VPN

Network requirements

A VPN user accesses the corporate headquarters as follows:

1.

The user dials in to the NAS.

2.

The NAS determines whether the user is a valid VPN client. If so, it initiates a tunneling request to

the LNS.

3.

After a tunnel is set up between the NAS and the LNS, the NAS transfers the results of its

negotiation with the VPN user to the LNS.

4.

The LNS decides whether to accept the connection request according to the negotiated results.

5.

The user communicates with the headquarters over the tunnel between the NAS and the LNS.

Figure 9 Network diagram for the NAS-initiated VPN

Configuration procedure

Step1

LAC side configuration

•

Configure the NAS

# Configure IP addresses for interfaces. (Omitted)
# Create a local user named vpdnuser, set the password, and enable the PPP service.

system-view

[LAC] local-user vpdnuser

[LAC-luser-vpdnuser] password simple Hello

[LAC-luser-vpdnuser] service-type ppp

[LAC-luser-vpdnuser] quit

# Configure interface Async 1/0.

[LAC] interface async 1/0

[LAC-Async1/0] ip address 1.1.1.1 255.255.255.0

[LAC-Async1/0] ppp authentication-mode chap

[LAC-Async1/0] quit

# Enable L2TP.

[LAC] l2tp enable