1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Software
  5. IP SERVICES - CONFIGURATION GUIDE V 11.1.X
  6. Configuration manual

Configuration Tasks For E Series Routers; Enabling Ipsec Support For L2Tp - Juniper IP SERVICES - CONFIGURATION GUIDE V 11.1.X Configuration Manual

Ip services configuration guide
Hide thumbs
Table of Contents

Advertisement

3.
4.

Configuration Tasks for E Series Routers

The main configuration tasks for setting up L2TP/IPSec are:
1.
2.
3.
4.
5.
6.
7.
8.

Enabling IPSec Support for L2TP

To configure an L2TP destination profile:
1.
2.
3.
4.
Create a VPN connection to the router.
Log the client in to the E Series router.
Set up IP connectivity to L2TP clients; for example, PPPoE, DHCP, or static IP.
Set up digital certificates on the router, or configure preshared keys for IKE
authentication.
To set up digital certificates, see "Configuring Digital Certificates" on page 213.
To set up preshared keys, see "Configuring IPSec Parameters" on page 146
in "Configuring IPSec" on page 125.
Create IPSec policies. See "Defining an IKE Policy" on page 156 in "Configuring
IPSec" on page 125.
Configure RADIUS authentication and accounting. See JUNOSe Broadband Access
Configuration Guide.
Configure L2TP destination profiles. See the next section, "Enabling IPSec Support
for L2TP" on page 297.
Configure NAT-T on the virtual router. See "Configuring NAT-T" on page 298.
Configure single-shot L2TP/IPSec tunnels. See "Configuring Single-Shot Tunnels"
on page 299.
Configure IPSec transport profiles. See "Configuring IPSec Transport Profiles"
on page 302.
Create a destination profile that defines the location of the LAC, and access L2TP
Destination Profile Configuration mode.
host1(config)#l2tp destination profile boston4 ip address 0.0.0.0
host1(config-l2tp-dest-profile)#
Define the L2TP host profile, and enter L2TP Destination Profile Host
Configuration mode.
host1(config-l2tp-dest-profile)#remote host default
host1(config-l2tp-dest-profile-host)#
Specify that for L2TP tunnels associated with this destination profile, the router
accept only tunnels protected by IPSec.
host1(config-l2tp-dest-profile-host)#enable ipsec-transport
(Optional) Assign a profile name for a remote host.
Chapter 12: Securing L2TP and IP Tunnels with IPSec
L2TP/IPSec Tunnels
297

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the IP SERVICES - CONFIGURATION GUIDE V 11.1.X and is the answer not in the manual?

Subscribe to Our Youtube Channel

Related Manuals for Juniper IP SERVICES - CONFIGURATION GUIDE V 11.1.X

Related Content for Juniper IP SERVICES - CONFIGURATION GUIDE V 11.1.X

This manual is also suitable for:

Junose 11.1.x ip servicesJunose v 11.1

Table of Contents