Configuring the vpn for a tunnel peer, Configuring the tsa id of the lts device – H3C Technologies H3C SecPath F5020 User Manual
Page 47
39
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter L2TP group view.
l2tp-group group-number [ mode { lac
| lns } ]
N/A
3.
Configure the DSCP value
of L2TP packets.
ip dscp dscp-value
The default setting is 0.
Configuring the VPN for a tunnel peer
By default, the device transmits L2TP control messages and data messages over the public network. With
this feature, the device transmits them in a specified VPN by searching the routing table in that specified
VPN.
When one L2TP endpoint is in a VPN, you should configure this endpoint to belong to the VPN on the
peer for correct packet forwarding between the two endpoints.
To configure the VPN for a tunnel peer:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter L2TP group view.
l2tp-group group-number [ mode { lac
| lns } ]
N/A
3.
Configure the VPN to
which the tunnel peer
belongs.
vpn-instance vpn-instance-name
By default, a tunnel peer belongs
to the public network.
The tunnel peer and the physical
port connecting to the tunnel peer
should belong to the same VPN.
The VPN to which this physical
port belongs is configured by
using the ip binding vpn-instance
command.
Configuring the TSA ID of the LTS device
To detect loops, the LTS device compares the configured TSA ID with each TSA ID AVP in a received ICRQ
packet.
•
If a match is found, a loop exists. The LTS immediately tears down the session.
•
If no match is found, the LTS encapsulates the configured TSA ID into a new TSA ID AVP, appends
it to the packet, and sends the packet to the next hop LTS.
To avoid loop detection errors, do not configure the same TSA ID for different LTS devices.
To configure the TSA ID of the LTS device:
Step Command
Remarks
1.
Enter system view.
system-view
N/A