L2tp configuration example, Client-initiated vpn configuration example, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual
L2TP Configuration Example
Client-Initiated VPN Configuration Example
Network requirements
As shown in , a VPN user accesses the corporate headquarters as follows:
1. The user first connects to the Internet, and then initiates a tunneling request to the LNS directly.
2. After the LNS accepts the connection request, an L2TP tunnel is set up between the LNS and the VPN user.
3. The VPN user communicates with the headquarters over the tunnel.
Figure 13 Network diagram for client-initiated VPN configuration
Configuration procedure
Step1 Configure the VPN user
On the user host, create a virtual private network connection using the Windows operating system, or
install L2TP client software such as WinVPN Client and connect to the Internet in dial-up mode. Assign an
IP address (2.1.1.1 in this example) to the user host and then configure a route to ensure the connectivity
between the user host and the LNS (1.1.2.2).
Perform the following configurations on the user host (the configuration procedure depends on the client
software):
• Specify the VPN username as vpdnuser and the password as Hello.
• Set the Internet interface address of the security gateway as the IP address of the LNS. In this example, the GigabitEthernet interface on the LNS, the interface for the tunnel, has an IP address of 1.1.2.2.
• Modify the connection attributes, setting the protocol to L2TP, the encryption attribute to customized and the authentication mode to CHAP.
Step2 Configure the LNS
# Configure IP addresses for interfaces (omitted).
# Configure a route to ensure the reachability of the LNS to the user host.
# Create a local user named vpdnuser, and set the password to Hello and the service type to PPP.
• Select User > Local User from the navigation tree and then click Add. Perform the configurations shown in .
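The CHAP authentication selected in Step1, checked against the local user created in Step2, as an added example (not from the H3C manual or the device's own code). It follows the RFC 1994 packet layout and MD5 digest; the function names, the `LNS` name in the challenge and the in-memory user table are assumptions for illustration.

```python
import hashlib
import hmac
import os
import struct

CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4  # CHAP codes (RFC 1994)

def build(code, ident, value, name):
    """Encode a Challenge/Response: Code, Identifier, Length, Value-Size, Value, Name."""
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body

def parse(packet):
    """Decode a Challenge/Response, rejecting inconsistent length fields."""
    if len(packet) < 5:
        raise ValueError("truncated CHAP packet")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    size = packet[4]
    if length != len(packet) or 5 + size > length:
        raise ValueError("bad CHAP length")
    return code, ident, packet[5:5 + size], packet[5 + size:]

def chap_md5(ident, secret, challenge):
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def client_respond(challenge_pkt, username, password):
    """VPN user side: answer the challenge; the password itself is never sent."""
    code, ident, challenge, _ = parse(challenge_pkt)
    if code != CHALLENGE:
        raise ValueError("expected a CHAP Challenge")
    return build(RESPONSE, ident, chap_md5(ident, password, challenge), username)

def lns_verify(response_pkt, ident, challenge, local_users):
    """LNS side: recompute the digest from the local user table and compare."""
    code, rid, value, name = parse(response_pkt)
    secret = local_users.get(name)
    if code != RESPONSE or rid != ident or secret is None:
        return FAILURE
    ok = hmac.compare_digest(value, chap_md5(ident, secret, challenge))
    return SUCCESS if ok else FAILURE

def run_exchange(username, password, local_users, ident=1):
    """Run one Challenge/Response round and return the LNS verdict."""
    challenge = os.urandom(16)  # fresh per attempt, so a replayed response fails
    pkt = build(CHALLENGE, ident, challenge, b"LNS")  # "LNS" name is assumed
    return lns_verify(client_respond(pkt, username, password), ident, challenge, local_users)

LOCAL_USERS = {b"vpdnuser": b"Hello"}  # constructed table: the Step2 local user
```

The digest depends only on the identifier, the challenge and the password, so the strength of this login rests on the password configured for vpdnuser.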