80 ESR Series Routers Operation Manual
To end PPTP server session for user 'fedor', use one of the following commands:
esr# clear remote-access session pptp username fedor
esr# clear remote-access session pptp server remote-workers username fedor
To view PPTP server configuration, use the following command:
esr# show remote-access configuration pptp remote-workers
7.22 Configuring remote access to corporate network via L2TP/IPsec protocol
L2TP (Layer 2 Tunnelling Protocol) is a sophisticated tunnelling protocol used to support virtual
private networks. L2TP encapsulates PPP frames into IP packets for transmission via global IP network, e.g.
the Internet. L2TP may be used for tunnel establishment between two local area networks. L2TP uses an
additional UDP connection for tunnel handling. L2TP protocol does not provide data encryption, therefore
it is usually combined with an IPsec protocol group that provides security on a packet level.
Objective: Configure L2TP server on a router for remote user connection to LAN. Authentication is
performed on RADIUS server.
L2TP server address: 120.11.5.1
Gateway inside the tunnel: 10.10.10.1
Radius server address: 192.168.1.4
For IPsec, key authentication method is used: key—'password'
Fig. 7.23—Network structure
Solution:
First, do the following:
- Configure RADIUS server connection.
- Configure zones for te1/0/1 and gi1/0/1 interfaces.
- Specify IP addresses for te1/0/1 and te1/0/1 interfaces
Create address profile that contains local gateway address:
esr(config)# object-group network l2tp_local
esr(config-object-group-network)# ip address-range 10.10.10.1
esr(config-object-group-network)# exit
Create address profile that contains DNS servers:
To Next Page
Loading...
