beautypg.com

Configuring l2tp at the cli, L2tp configuration task list – H3C Technologies H3C SecPath F1000-E User Manual

Page 265

background image

253

Configuring L2TP at the CLI

L2TP configuration task list

When you configure L2TP, perform the following operations:

1.

Determine the network device(s) needed according to the networking environment. For
NAS-initiated mode and LAC-auto-initiated mode, you need to configure both the LAC and the LNS.
For client-initiated mode, you only need to configure the LNS.

2.

Configure the firewall(s) accordingly based on the intended role (LAC or NAS) on the network.

To configure the firewall as an LAC in NAS-initiated or LAC-auto-initiated mode, complete the following

tasks:

Task Remarks

Configuring basic L2TP capability

Enable L2TP

Required

Create an L2TP group

Specify the local name of the tunnel

Configuring an LAC

Configuring an LAC to initiate
tunneling requests for specified
users

Required

Configuring an LAC to transfer AVP

data in hidden mode

Optional

Configuring AAA authentication for
VPN users on LAC side

Required

Configuring an LAC to establish an
L2TP tunnel

Required in LAC-auto-initiated
mode
No need to configure in
NAS-initiated mode

Configuring L2TP connection
parameters

Configuring L2TP tunnel
authentication

Optional

Setting the hello interval

Enabling tunnel flow control

Disconnecting tunnels by force

To configure the firewall as an LNS in NAS-initiated, client-initiated, or LAC-auto-initiated mode,

complete the following tasks:

Task Remarks

Configuring basic L2TP capability

Enable L2TP

Required

Create an L2TP group

Specify the local name of the tunnel