Figure 4-4 Networking diagram of a NAS-Initialized VPN
PSTN
Internet
LNS
PC1
Server
headquarters
RouterB
LAC
RouterA
ISDN
PC2
Modem
Tunnel
Configuration Roadmap
The configuration roadmap is as follows:
1. A user intends to communicate with the server in the headquarters. The IP address of the
server is a private address. In this manner, the user cannot access the server directly through
the Internet. A VPN is then needed to help the user access the data of the internal network.
2. The user accesses the headquarters by using the domain name "huawei.com". The LNS
needs to configure an address pool in this domain that can allocate an IP address for the
user.
Data Preparation
To complete the configuration, you need the following data:
l Consistent user name, domain name, and password of the router at both the user side and
the LAC side
l Protocol used on the LNS side, tunnel authentication mode (CHAP is used), password for
the tunnel, and local and remote names of the LNS
l Number, IP address, and network mask of the virtual template
l L2TP group number
l Number, range, and address mask of the remote address pool
Procedure
Step 1 Configure the user side.
Create a dial-in connection, and an access number named Huawei1. In addition, receive the
address assigned by the LNS server.
Enter the user name "vpdnuser@huawei.com" in the dial-up terminal window that pops up, with
the password being Hello. Note that the user name and password should have been registered
on the LNS server of the company.
Step 2 Configure Router A (LAC).
In this example, the IP address of Serial 1/0/0 on the LAC that connects the tunnel is
202.38.160.1; the IP address of Serial 1/0/0 on the LNS that connects the tunnel is 202.38.160.2.
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN 4 L2TP Configuration
Issue 01 (2012-04-20) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
268
To Next Page
Loading...
Need help?
General
