Verifying the configuration, Network requirements, Configuration procedure – H3C Technologies H3C SecPath F5020 User Manual
Page 50
42
[LNS] l2tp-group 1 mode lns
# Configure the local tunnel name as LNS.
[LNS-l2tp1] tunnel name LNS
# Specify Virtual-Template 1 for receiving calls from a specified LAC.
[LNS-l2tp1] allow l2tp virtual-template 1 remote LAC
# Enable tunnel authentication, and specify the tunnel authentication key as aabbcc.
[LNS-l2tp1] tunnel authentication
[LNS-l2tp1] tunnel password simple aabbcc
[LNS-l2tp1] quit
3.
On the remote system, enter vpdnuser as the username and Hello as the password in the dial-up
network window to dial a connection.
Verifying the configuration
After the dial-up connection is established, the remote system can obtain an IP address (for example,
192.168.0.2) and can ping the private IP address of the LNS (192.168.0.1).
# On the LNS, use the display l2tp tunnel command to check the established L2TP tunnels.
[LNS] display l2tp tunnel
LocalTID RemoteTID State Sessions RemoteAddress RemotePort RemoteName
196 3542 Established 1 1.1.2.1 1701 LAC
# On the LNS, use the display l2tp session command to check the established L2TP sessions.
[LNS] display l2tp session
LocalSID RemoteSID LocalTID State
2041 64 196 Established
Configuration example for client-initiated L2TP tunnel
Network requirements
As shown in
, a PPP user directly initiates a tunneling request to the LNS to access the corporate
network. The PPP user belongs to VPN 1.
Figure 15 Network diagram
Configuration procedure
1.
Configure the LNS:
# Create VPN instance vpn1, and bind interface GigabitEthernet 1/0/1 (connecting the PPP user)
to vpn1.
[LNS] ip vpn-instance vpn1
[LNS-vpn-instance-vpn1] quit
[LNS] interface gigabitethernet 1/0/1