Configuration example for lac-auto-initiated vpn, Network requirements, Configuraton procedure – H3C Technologies H3C SecPath F1000-E User Manual

267

[LNS-l2tp1] display l2tp tunnel

Total tunnel = 1

LocalTID RemoteTID RemoteAddress Port Sessions RemoteName

1 5 2.1.1.1 1701 1 l2tpuser

Configuration example for LAC-auto-initiated VPN

Network requirements

Create a virtual PPP user on the LAC and configure the LAC to initiate a tunneling request to the LNS to

establish an L2TP tunnel for the virtual PPP user. When a VPN user accesses the corporate network, all
packets between the VPN user and the corporate network are transmitted through the L2TP tunnel. A

VPN user accesses the corporate network in the following procedure:

1.

The VPN user sends a packet to the LAC through the LAN.

2.

The LAC encapsulates the packet and then forwards the packet through the L2TP tunnel to the LNS.

Figure 168 Network diagram

Configuraton procedure

1.

Configure the LNS:
# Configure IP addresses for interfaces. (Details not shown.)
# Create a local user, configure a username and password for the user, and specify the service
type as PPP.

system-view

[LNS] local-user vpdnuser

[LNS-luser-vpdnuser] password simple Hello

[LNS-luser-vpdnuser] service-type ppp

[LNS-luser-vpdnuser] quit

# Configure a virtual template interface.

[LNS] interface virtual-template 1

[LNS-virtual-template1] ip address 192.168.0.20 255.255.255.0

[LNS-virtual-template1] remote address pool 1

[LNS-virtual-template1] ppp authentication-mode pap

# Configure the virtual template interface to not check the next hop of a packet to be sent.

[LNS-Virtual-Template1] ppp ignore match-next-hop

[LNS-virtual-template1] quit

# Configure local authentication for VPN users.

[LNS] domain system

[LNS-isp-system] authentication ppp local

[LNS-isp-system] ip pool 1 192.168.0.2 192.168.0.100

[LNS-isp-system] quit