Configuration Procedure - H3C SR6600 Configuration Manual

Figure 5-1 Network diagram for L2TP-based EAD configuration
Router
LNS
10.22.2.10/24
Client agent
10.22.2.1/24

Configuration Procedure

1) Configure the router
# Assign an IP address to GigabitEthernet 1/0/1, which is connected to the CAMS/iMC
server.
<Router> system-view
[Router] interface gigabitethernet1/0/1
[Router-GigabitEthernet1/0/1] ip address 10.110.91.1 255.255.255.0
[Router-GigabitEthernet1/0/1] quit
# Assign an IP address to GigabitEthernet 1/0/2, which is connected to the iNode client.
[Router] interface gigabitethernet1/0/2
[Router-GigabitEthernet1/0/2] ip address 172.21.1.1 255.255.0.0
[Router-GigabitEthernet1/0/2] quit
# Assign an IP address to GigabitEthernet 1/0/3.
[Router] interface gigabitethernet1/0/3
[Router-GigabitEthernet1/0/3] ip address 10.22.2.10 255.255.255.0
[Router-GigabitEthernet1/0/3] quit
# Configure a RADIUS scheme that uses the CAMS/iMC server, setting the IP address to
10.110.91.146/24, and the keys to sysname.
[Router] radius scheme cams
[Router-radius-cams] server-type extended
[Router-radius-cams] primary authentication 10.110.91.146
[Router-radius-cams] primary accounting 10.110.91.146
[Router-radius-cams] key authentication sysname
[Router-radius-cams] key accounting sysname
[Router-radius-cams] quit
# Configure domain system to use the RADIUS scheme for PPP user authentication and
accounting, and use the IP address pool 10.200.1.0/24 to assign IP addresses to remote
hosts.
LAN
10.100.0.0/24
GE1/0/2
172.21.1.1/16
GE1/0/3
Quarantined
area
Virus and patch server
10.22.2.2/24
Internet
L2TP tunnel
CAMS/iMC platform
RADIUS server
Security policy server
Portal server
10.110.91.146/24
5-95
Host
172.22.1.1/16