Configuring l2tp at the cli, L2tp configuration task list – H3C Technologies H3C SecPath F1000-E User Manual
Page 265
253
Configuring L2TP at the CLI
L2TP configuration task list
When you configure L2TP, perform the following operations:
1.
Determine the network device(s) needed according to the networking environment. For
NAS-initiated mode and LAC-auto-initiated mode, you need to configure both the LAC and the LNS.
For client-initiated mode, you only need to configure the LNS.
2.
Configure the firewall(s) accordingly based on the intended role (LAC or NAS) on the network.
To configure the firewall as an LAC in NAS-initiated or LAC-auto-initiated mode, complete the following
tasks:
Task Remarks
Configuring basic L2TP capability
Enable L2TP
Required
Create an L2TP group
Specify the local name of the tunnel
Configuring an LAC to initiate
tunneling requests for specified
users
Required
Configuring an LAC to transfer AVP
Optional
Configuring AAA authentication for
VPN users on LAC side
Required
Configuring an LAC to establish an
L2TP tunnel
Required in LAC-auto-initiated
mode
No need to configure in
NAS-initiated mode
Configuring L2TP connection
parameters
Configuring L2TP tunnel
authentication
Optional
Disconnecting tunnels by force
To configure the firewall as an LNS in NAS-initiated, client-initiated, or LAC-auto-initiated mode,
complete the following tasks:
Task Remarks
Configuring basic L2TP capability
Enable L2TP
Required
Create an L2TP group
Specify the local name of the tunnel
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS