Configuration example for client-initiated vpn, Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual

Page 53

[LNS] dis l2tp tunnel

Total tunnel = 1

LocalTID RemoteTID RemoteAddress Port Sessions RemoteName

1 1 1.1.2.1 1701 1 LAC

# On the LNS, use the display l2tp session command to check the established L2TP sessions.

[LNS] display l2tp session

Total session = 1

LocalSID RemoteSID LocalTID

23142 729 1

Configuration Example for Client-Initiated VPN

Network requirements

As shown in

Figure 10

, a VPN user accesses the corporate headquarters as follows:

Configure an IP address and route for the user host, ensuring that the host is reachable to the LNS.

The user initiates a tunneling request to the LNS.

After the LNS accepts the connection request, an L2TP tunnel is set up between the LNS and the
VPN user.

The VPN user communicates with the headquarters over the tunnel.

Figure 10 Network diagram for the client-initiated VPN

Configuration procedure

Step1

Configure the LNS

# Configure IP addresses for the interfaces. (Omitted)
# Configure the route between the LNS and the user host. (Omitted)
# Create a local user named vpdnuser, set the password, and enable the PPP service. Note that the
username and password must match those configured on the client.

system-view

[LNS] local-user vpdnuser

[LNS-luser-vpdnuser] password simple Hello

[LNS-luser-vpdnuser] service-type ppp

[LNS-luser-vpdnuser] quit

# Configure local authentication for the VPN user.

[LNS] domain system

[LNS-isp-system] authentication ppp local

[LNS-isp-system] ip pool 1 192.168.0.2 192.168.0.100

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecBlade FW Cards H3C SecPath U200-A U200-M U200-S