Displaying and maintaining l2tp, Configuration example for nas-initiated vpn, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual

263

connection and all the sessions within the tunnel are removed. When a user dials in, a new tunnel is

established.
To disconnect tunnels by force:

Task Command

Remarks

Disconnect tunnels by force.

reset l2tp tunnel { id tunnel-id | name
remote-name }

Available in user view

Displaying and maintaining L2TP

Task Command

Remarks

Display information about L2TP
tunnels.

display l2tp tunnel [ | { begin | exclude |
include } regular-expression ]

Available in any view

Display information about L2TP
sessions.

display l2tp session [ | { begin | exclude |
include } regular-expression ]

Available in any view

Configuration example for NAS-initiated VPN

Network requirements

A VPN user accesses the corporate headquarters in the following procedure:

1.

The user dials in to the NAS (LAC).

2.

The NAS determines whether the user is a valid VPN client. If so, it initiates a tunneling request to
the LNS.

3.

After a tunnel is set up between the NAS and the LNS, the NAS transfers the results of its
negotiation with the VPN user to the LNS.

4.

The LNS decides whether to accept the connection request according to the negotiated results.

5.

The user communicates with the headquarters over the tunnel between the NAS and the LNS.

Figure 166 Network diagram

Configuration procedure

1.

Configure the LAC (NAS):
# Configure IP addresses for interfaces. (Details not shown.)
# Create a local user named vpdnuser, set the password, and enable the PPP service.

system-view

[LAC] local-user vpdnuser

[LAC-luser-vpdnuser] password simple Hello

[LAC-luser-vpdnuser] service-type ppp