#
return
4.7.2 Example for Configuring NAS-Initialized VPNs (Dialup Access)
This section provides an example for configuring a NAS-initialized VPN with VPN users
accessing the NAS through the PSTN or ISDN.
Networking Requirements
As shown in Figure 4-5, users access the NAS through the PSTN or the Integrated Services
Digital Network (ISDN). The LNS, namely Router A, connects to the NAS through the Internet.
Figure 4-5 Networking diagram of NAS-initialized VPN
[Figure labels: VPN Client, PSTN/ISDN, NAS, Internet, Tunnel, RouterA (LNS), Headquarters]
Configuration Roadmap
The procedure for a user to access the headquarters is as follows:
1. A user dials in to the PSTN or ISDN.
2. The NAS authenticates the user. If the user is found to be a VPN user, the NAS
sends a tunnel connection request to the LNS.
3. After a tunnel between the NAS and the LNS is set up, the NAS sends the information
it negotiated with the VPN user to the LNS as the contents of packets.
4. The LNS decides whether to accept the connection request according to the negotiated
information.
5. The user communicates with the headquarters by using the tunnel between the NAS and
the LNS.
6. The user accesses the headquarters network by using the default domain (the domain name
is "default") and uses local authentication. The addresses are allocated from the
address pool. In this mode, the address pool should be configured in the AAA view of the
LNS.
Data Preparation
To complete the configuration, you need the following data:
- User name, password, and access code of the VPN
- User name and password for the Remote Authentication Dial In User Service (RADIUS)
  authentication (the same as the user name and password of the VPN)
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN 4 L2TP Configuration
Issue 01 (2012-04-20) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.