Huawei AR1200 series Configuration Manual page 287
Enterprise routers
Hide thumbs
Also See for AR1200 series:
- Configuration manual (342 pages) ,
- User configuration manual (232 pages) ,
- Hardware description (218 pages)
Table of Contents
Advertisement
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN
l
Procedure
Step 1 Configure the devices on the VPN client side.
The L2TP client software must be configured on the host of the VPN client side and users can
connect to the Internet by dialing up. Then perform the following configurations. Note that the
setting process may vary with the client software.
# Set the VPN user name as "vpdnuser", and the password as "Hello".
# Set the IP address of LNS as the IP address of the interface on the router to access the Internet.
In this example, the IP address of the interface on the LNS connected with the tunnel is
202.38.160.2.
# Modify connection attributes, and adopt the L2TP protocol.
# If the hosts on the client side support IPSec, disable IPSec.
Step 2 Configure the LNS routers.
# Create and configure a virtual-template interface.
<Huawei> system-view
[Huawei] sysname RouterA
[RouterA] interface virtual-template 1
[RouterA-Virtual-Template1] ip address 192.168.0.1 255.255.255.0
[RouterA-Virtual-Template1] ppp authentication-mode chap
[RouterA-Virtual-Template1] remote address pool 1
[RouterA-Virtual-Template1] quit
# Enable L2TP and set an L2TP group.
[RouterA] l2tp enable
[RouterA] l2tp-group 1
# Configure the names of the local end and the tunnel peer on the LNS.
[RouterA-l2tp1] tunnel name LNS
[RouterA-l2tp1] allow l2tp virtual-template 1 remote vpdnuser
# Disable the tunnel authentication.
[RouterA-l2tp1] undo tunnel authentication
[RouterA-l2tp1] quit
# Define an address pool to assign addresses for dial-in users.
[RouterA] ip pool 1
[RouterA-ip-pool-1]network 192.168.0.0 mask 24
# Set the user name and password the same as the configurations on the VPN client side.
[RouterA] aaa
[RouterA-aaa] local-user vpdnuser password Hello
[RouterA-aaa] local-user vpdnuser service-type ppp
[RouterA-aaa] quit
Step 3 Verify the configuration.
After VPN users log in to the LAC or LNS devices, run the display l2tp tunnel command on
the LNS and you can find the tunnel is set up. For example:
[RouterA] display l2tp tunnel
Total tunnel = 1
Issue 01 (2012-04-20)
Number, range, and address mask of the remote address pool
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
4 L2TP Configuration
276
Hide quick links:
Advertisement
Table of Contents
