3Com Router 3000 Ethernet Family
Configuration Guide
# Revise connection attributes. Set adopted protocol to L2TP, encryption attribute to
user defined. Choose CHAP authentication for tunnel authentication, with tunnel
password being "3Com".
2)
Configuration on the router (on LNS side)
# Set username and password (consistent with the configuration on user side).
[3Com] local-user vpdnuser
[3Com-luser-vpdnuser] password simple Hello
[3Com-luser-vpdnuser] service-type ppp
# Perform local authentication on VPN users.
[3Com] domain system
[3Com-isp-system] scheme local
[3Com-isp-system] ip pool 1 192.168.0.2 192.168.0.100
# Enable L2TP and set an L2TP group.
[3Com] l2tp enable
[3Com] l2tp-group 1
# Configure a virtual template.
[3Com] interface virtual-template 1
[3Com-virtual-template1] ip address 192.168.0.1 255.255.255.0
[3Com-virtual-template1] ppp authentication-mode chap domain system
[3Com-virtual-template1] remote address pool 1
# Configure local name and remote name of the tunnel on LNS side.
[3Com] l2tp-group 1
[3Com-l2tp1] tunnel name LNS
[3Com-l2tp1] allow l2tp virtual-template 1
# Enable tunnel authentication and set tunnel authentication password.
[3Com-l2tp1] tunnel authentication
[3Com-l2tp1] tunnel password simple 3Com
2.5.3 Interconnecting Single User with Headquarters via Router
I. Network requirements
A user needs to communicate with its headquarters, but the network address of the
headquarters is a private address, e.g. 10.8.0.0, so the user cannot directly access
headquarters' internal server through the Internet. With VPN, the user can access data
of the internal network.
Suppose that the route between the LAC and the LNS is up.
3Com Corporation
2-27
Chapter 2 Configuration of L2TP