LAC and LNS match. For example, the local tunnel name configured on the LAC must match the
remote tunnel name configured on the LNS.
L2TP must be enabled for L2TP configuration to take effect. Tunnel names are used during tunnel
negotiation between an LAC and an LNS.
To configure basic L2TP capability:
| Step | Command | Remarks |
|---|---|---|
| 1. Enter system view. | system-view | N/A |
| 2. Enable L2TP. | l2tp enable | Disabled by default. |
| 3. Create an L2TP group and enter its view. | l2tp-group group-number | By default, no L2TP group exists. |
| 4. Specify the local name of the tunnel. | tunnel name name | Optional. The system name of the device is used by default. |
Configuring an LAC
An LAC establishes tunnels with LNSs on behalf of users and sends user packets to the LNSs
through those tunnels. Before configuring an LAC, enable L2TP and create an L2TP group.
Configuring an LAC to initiate tunneling requests for specified users
An LAC initiates tunneling requests only to specified LNSs for specified users. You can specify the
users to be serviced and the LNSs that will be connected. Users can be specified by their fully
qualified name or the domain name.
Up to five LNSs can be configured. The LAC initiates an L2TP tunneling request to its specified LNSs
consecutively in their configuration order until it receives an acknowledgement from an LNS, which
then becomes the tunnel peer.
To configure the LAC:
| Step | Command |
|---|---|
| 1. Enter system view. | system-view |
| 2. Enter L2TP group view. | l2tp-group group-number |
| 3. Enable the device to initiate tunneling requests to one or more IP addresses for one or more specified VPN users. | start l2tp { ip ip-address }&<1-5> { domain domain-name \| fullusername user-name } |
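The following command sequence is an added example, not taken from the original manual. It combines the basic L2TP steps with the LAC steps above and shows how the { ip ip-address }&<1-5> repetition expands. The group number, tunnel name, LNS addresses and domain are constructed values, and the lines starting with # are annotations, not commands to enter.

```text
# Constructed values: group 1, tunnel name LAC-1, LNS addresses 192.0.2.10
# and 192.0.2.11 (documentation address range), domain example.com.
system-view
l2tp enable
l2tp-group 1
# Local tunnel name. The remote tunnel name configured on the LNS must match it.
tunnel name LAC-1
# Two LNSs for users of domain example.com. The LAC tries them in this order
# until one acknowledges, and that LNS becomes the tunnel peer. Up to five
# "ip ip-address" entries can be listed.
start l2tp ip 192.0.2.10 ip 192.0.2.11 domain example.com
```

To select users by fully qualified name instead of by domain, replace the domain clause with fullusername followed by the user name.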
Configuring an LAC to transfer AVP data in hidden mode
With L2TP, some parameters are transferred as AVP data. To improve security, you can configure an
LAC to transfer AVP data in hidden mode—to encrypt AVP data before transmission.
To configure an LAC to transfer AVP data in hidden mode: