270
Step Command Remarks
3. Enable the L2TP-based EAD
function.
ppp access-control enable
This function is disabled by
default.
4. Specify the fragment match
mode for all packet-filter
firewalls on the VA interfaces
created on the VT interface.
ppp access-control
match-fragments
{
exactly
|
normally
}
Optional.
Standard mode applies by
default.
Displaying and maintaining L2TP
Task Command Remarks
Display L2TP tunnel information.
display l2tp tunnel
[
|
{
begin
|
exclude
|
include
}
regular-expression ]
Available in any view.
Display L2TP session
information.
display l2tp session
[
|
{
begin
|
exclude
|
include
}
regular-expression ]
Available in any view.
Display statistics about dynamic
firewalls on the VA interfaces
created on the specified VT
interface.
display ppp access-control
{
interface
interface-type
interface-number } [
|
{
begin
|
exclude
|
include
}
regular-expression ]
Available in any view.
L2TP configuration examples
Configuration example for NAS-initiated VPN
Network requirements
As shown in Figure 96, a VPN user accesses the corporate headquarters in the following procedure:
1. The user dials in to the NAS (LAC).
2. The NAS determines whether the user is a valid VPN client. If so, it initiates a tunneling request
to the LNS.
3. After a tunnel is set up between the NAS and the LNS, the NAS transfers the results of its
negotiation with the VPN user to the LNS.
4. The LNS decides whether to accept the connection request according to the negotiated results.
5. The user communicates with the headquarters over the tunnel between the NAS and the LNS.
Figure 96 Network diagram
Configuration procedure
1. Configure the LAC (NAS):
# Configure IP addresses for interfaces. (Details not shown.)
To Next Page
Loading...
Need help?
General
