274
1 5 2.1.1.1 1701 1 l2tpuser
Configuration example for LAC-auto-initiated VPN
Network requirements
As shown in Figure 98, create a virtual PPP user on the LAC and configure the LAC to initiate a
tunneling request to the LNS to establish an L2TP tunnel for the virtual PPP user. When a VPN user
accesses the corporate network, all packets between the VPN user and the corporate network are
transmitted through the L2TP tunnel.
A VPN user accesses the corporate network in the following procedure:
1. The VPN user sends a packet to the LAC through the LAN.
2. The LAC encapsulates the packet and then forwards the packet through the L2TP tunnel to the
LNS.
Figure 98 Network diagram
Configuration procedure
1. Configure the LNS:
# Configure IP addresses for interfaces. (Details not shown.)
# Create a local user, configure a username and password for the user, and specify the service
type as PPP.
<LNS> system-view
[LNS] local-user vpdnuser
[LNS-luser-vpdnuser] password simple Hello
[LNS-luser-vpdnuser] service-type ppp
[LNS-luser-vpdnuser] quit
# Configure a VT interface.
[LNS] interface virtual-template 1
[LNS-virtual-template1] ip address 192.168.0.20 255.255.255.0
[LNS-virtual-template1] remote address pool 1
[LNS-virtual-template1] ppp authentication-mode pap
[LNS-virtual-template1] quit
# Configure local authentication for VPN users.
[LNS] domain system
[LNS-isp-system] authentication ppp local
[LNS-isp-system] ip pool 1 192.168.0.2 192.168.0.100
[LNS-isp-system] quit
# Enable L2TP and create an L2TP group.
[LNS] l2tp enable
[LNS] l2tp-group 1
# Configure the local tunnel name and specify the VT interface for receiving packets and the
tunnel name on the LAC.
[LNS-l2tp1] tunnel name LNS
[LNS-l2tp1] allow l2tp virtual-template 1 remote LAC
To Next Page
Loading...
Need help?
General
