H3C Technologies H3C SecPath F5020 User Manual

41

# Configure local authentication for PPP users in ISP domain system.

[LAC] domain system

[LAC-isp-system] authentication ppp local

[LAC-isp-system] quit

# Configure CHAP authentication on interface Async 2/1/0.

[LAC] interface async 2/1/0

[LAC-Async2/1/0] ppp authentication-mode chap

[LAC-Async2/1/0] quit

# Enable L2TP.

[LAC] l2tp enable

# Create L2TP group 1 in LAC mode.

[LAC] l2tp-group 1 mode lac

# Configure the local tunnel name as LAC.

[LAC-l2tp1] tunnel name LAC

# Specify PPP user vpdnuser as the condition for the LAC to initiate tunneling requests.

[LAC-l2tp1] user fullusername vpdnuser

# Specify the LNS IP address as 1.1.2.2.

[LAC-l2tp1] lns-ip 1.1.2.2

# Enable tunnel authentication, and specify the tunnel authentication key as aabbcc.

[LAC-l2tp1] tunnel authentication

[LAC-l2tp1] tunnel password simple aabbcc

[LAC-l2tp1] quit

2.

Configure the LNS:
# Configure IP addresses for the interfaces. (Details not shown.)
# Create a local user named vpdnuser, set the password, and enable the PPP service.

system-view

[LNS] local-user vpdnuser class network

[LNS-luser-network-vpdnuser] password simple Hello

[LNS-luser-network-vpdnuser] service-type ppp

[LNS-luser-network-vpdnuser] quit

# Configure local authentication for PPP users in ISP domain system.

[LNS] domain system

[LNS-isp-system] authentication ppp local

[LNS-isp-system] quit

# Enable L2TP.

[LNS] l2tp enable

# Create interface Virtual-Template 1, and specify its IP address as 192.168.0.1/24 and PPP
authentication mode as CHAP.

[LNS] interface virtual-template 1

[LNS-virtual-template1] ip address 192.168.0.1 255.255.255.0

[LNS-virtual-template1] ppp authentication-mode chap domain system

# Specify 192.168.0.2 as the IP address to be allocated to the PPP user.

[LNS-virtual-template1] remote address 192.168.0.2

[LNS-virtual-template1] quit

# Create L2TP group 1 in LNS mode.