HP VSR1000 Layer 2 - Wan Access Configuration Manual page 34

Virtual services router

Hide thumbs Also See for VSR1000:

Configuration manual (463 pages)

Security configuration manual (361 pages)

High availability configuration manual (91 pages)

Table Of Contents

Table of Contents

# Configure a static route so that packets destined for the PPP user will be forwarded through the

L2TP tunnel.

[LNS] ip route-static 10.2.0.0 16 192.168.0.2

Configure the LAC:

# Configure IP addresses for the interfaces. (Details not shown.)

# Enable L2TP.

<LAC> system-view

[LAC] l2tp enable

# Create L2TP group 1 in LAC mode.

[LAC] l2tp-group 1 mode lac

# Configure the local tunnel name as LAC, and specify the IP address of the tunnel peer (LNS).

[LAC-l2tp1] tunnel name LAC

[LAC-l2tp1] lns-ip 3.3.3.2

# Enable tunnel authentication, and configure the authentication key as aabbcc.

[LAC-l2tp1] tunnel authentication

[LAC-l2tp1] tunnel password simple aabbcc

[LAC-l2tp1] quit

# Create virtual PPP interface Virtual-PPP 1, and configure its username and password as vpdnuser

and Hello and PPP authentication as PAP.

[LAC] interface virtual-ppp 1

[LAC-Virtual-PPP1] ip address ppp-negotiate

[LAC-Virtual-PPP1] ppp pap local-user vpdnuser password simple Hello

[LAC-Virtual-PPP1] quit

# Configure a static route so that packets destined for the corporate network will be forwarded

through the L2TP tunnel.

[LAC] ip route-static 10.1.0.0 16 virtual-ppp 1

# Trigger the LAC to establish an L2TP tunnel with the LNS.

[LAC] interface virtual-ppp 1

[LAC-Virtual-PPP1] l2tp-auto-client l2tp-group 1

On the remote host, configure the LAC as the gateway.

Verifying the configuration

# On the LNS, use the display l2tp session command to display the established L2TP session.

[LNS] display l2tp session

LocalSID

# On the LNS, use the display l2tp tunnel command to display the established L2TP tunnel.

[LNS] display l2tp tunnel

LocalTID RemoteTID State

# On the LNS, you should be able to ping 10.2.0.1, a private network address on the LAC side.

This indicates that hosts on 10.2.0.0/16 and those on 10.1.0.0/16 can communicate with each

other through the L2TP tunnel.

[LNS] ping -a 10.1.0.1 10.2.0.1

Ping 10.2.0.1 (10.2.0.1): 56 data bytes, press CTRL_C to break

56 bytes from 10.2.0.1: icmp_seq=0 ttl=128 time=1.000 ms

RemoteSID

Established

LocalTID

State

Established

Sessions RemoteAddress

3.3.3.1

RemotePort RemoteName

1701

LNS

Table of Contents

HP VSR1000 Layer 2 - Wan Access Configuration Manual page 34

Related Manuals for HP VSR1000

Related Products for HP VSR1000

Table of Contents