H3C Technologies H3C SecPath F1000-E User Manual
Page 59
26
# Create the virtual template interfaces and configure CHAP authentication.
[LAC] interface virtual-template 100
[LAC-Virtual-Template100] ppp authentication-mode chap domain aaa.net
[LAC-Virtual-Template100] quit
[LAC] interface virtual-template 101
[LAC-Virtual-Template101] ppp authentication-mode chap domain bbb.net
[LAC-Virtual-Template101] quit
# Create two L2TP groups and configure the related attributes.
[LAC] l2tp enable
[LAC] l2tp-group 1
[LAC-l2tp1] tunnel name LAC-1
[LAC-l2tp1] start l2tp ip 1.1.2.2 domain aaa.net
[LAC-l2tp1] quit
[LAC] l2tp-group 2
[LAC-l2tp2] tunnel name LAC-1
[LAC-l2tp2] start l2tp ip 1.1.2.2 domain bbb.net
# Enable the tunnel authentication and specify a tunnel authentication password.
[LAC-l2tp2] tunnel authentication
[LAC-l2tp2] tunnel password simple 12345
[LAC-l2tp2] quit
[LAC] l2tp-group 1
[LAC-l2tp1] tunnel authentication
[LAC-l2tp1] tunnel password simple 12345
Step2
Configure the LNS
# Enable L2TP.
[LNS] l2tp enable
# Enable L2TP multi-instance.
[LNS] l2tpmoreexam enable
# Create two local users, set the passwords, and enable the PPP service.
[LNS] local-user vpdn1
[LNS-luser-vpdn1] password simple 11111
[LNS-luser-vpdn1] service-type ppp
[LNS-luser-vpdn1] quit
[LNS] local-user vpdn2
[LNS-luser-vpdn2] password simple 22222
[LNS-luser-vpdn2] service-type ppp
[LNS-luser-vpdn2] quit
# Specify the IP address of GigabitEthernet 1/1 through which the LNS connects to the tunnel as 1.1.2.2.
[LNS] interface gigabitethernet 1/1
[LNS-GigabitEthernet1/1] ip address 1.1.2.2 255.255.255.0
[LNS-GigabitEthernet1/1] quit
# Create two address pools.
[LNS] domain aaa.net
[LNS-isp-aaa.net] authentication ppp local