beautypg.com

H3C Technologies H3C SecPath F1000-E User Manual

Page 56

background image

23

[LNS-l2tp1] tunnel name LNS

[LNS-l2tp1] allow l2tp virtual-template 1 remote LAC

# Enable tunnel authentication and configure the authentication password.

[LNS-l2tp1] tunnel authentication

[LNS-l2tp1] tunnel password simple aabbcc

[LNS-l2tp1] quit

# Configure a static route so that packets destined for the VPN will be forwarded through the L2TP tunnel.

[LNS] ip route-static 10.2.0.0 16 virtual-template 1

Step2

Configure the LAC

# Configure IP addresses for the interfaces. (Omitted)
# Enable L2TP and create an L2TP group.

system-view

[LAC] l2tp enable

[LAC] l2tp-group 1

# Configure the local tunnel name and specify the IP address of the tunnel peer (LNS).

[LAC-l2tp1] tunnel name LAC

[LAC-l2tp1] start l2tp ip 3.3.3.2 fullusername vpdnuser

# Enable tunnel authentication and configure the authentication password.

[LAC-l2tp1] tunnel authentication

[LAC-l2tp1] tunnel password simple aabbcc

[LAC-l2tp1] quit

# Configure the PPP authentication method PAP, authentication username vpdnuser, and password
Hello for the virtual PPP user.

[LAC] interface virtual-template 1

[LAC-Virtual-Template1] ip address ppp-negotiate

[LAC-Virtual-Template1] ppp pap local-user vpdnuser password simple Hello

[LAC-Virtual-Template1] ppp authentication-mode pap

# Configure the virtual template interface to not check the next hop of a packet to be sent.

[LAC-Virtual-Template1] ppp ignore match-next-hop

[LAC-Virtual-Template1] quit

# Configure a static route so that packets destined for the corporate will be forwarded through the L2TP
tunnel.

[LAC] ip route-static 10.1.0.0 16 virtual-template 1

# Create a local user, configure the username and password, and specify the service type as PPP.

[LAC] local-user vpdnuser

[LAC-luser-vpdnuser] password simple Hello

[LAC-luser-vpdnuser] service-type ppp

# Trigger the LAC to establish an L2TP tunnel with the LNS.

[LAC] interface virtual-template 1

[LAC-virtual-template1] l2tp-auto-client enable

NOTE:

On each host connected to the LAC or LNS, configure the gateway as the LAC or LNS.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: