l
Number, range, and address mask of the remote address pool
Procedure
Step 1
Configure the devices on the VPN client side.
The L2TP client software must be configured on the host of the VPN client side and users can
connect to the Internet by dialing up. Then perform the following configurations. Note that the
setting process may vary with the client software.
# Set the VPN user name as "vpdnuser", and the password as "Hello".
# Set the IP address of LNS as the IP address of the interface on the router to access the Internet.
In this example, the IP address of the interface on the LNS connected with the tunnel is
202.38.160.2.
# Modify connection attributes, and adopt the L2TP protocol.
# If the hosts on the client side support IPSec, disable IPSec.
Step 2
Configure the LNS routers.
# Create and configure a virtual-template interface.
<Huawei>
system-view
[Huawei]
sysname RouterA
[RouterA]
interface virtual-template 1
[RouterA-Virtual-Template1]
ip address 192.168.0.1 255.255.255.0
[RouterA-Virtual-Template1]
ppp authentication-mode chap
[RouterA-Virtual-Template1]
remote address pool 1
[RouterA-Virtual-Template1]
quit
# Enable L2TP and set an L2TP group.
[RouterA]
l2tp enable
[RouterA]
l2tp-group 1
# Configure the names of the local end and the tunnel peer on the LNS.
[RouterA-l2tp1]
tunnel name LNS
[RouterA-l2tp1]
allow l2tp virtual-template 1 remote vpdnuser
# Disable the tunnel authentication.
[RouterA-l2tp1]
undo
tunnel authentication
[RouterA-l2tp1]
quit
# Define an address pool to assign addresses for dial-in users.
[RouterA]
ip pool 1
[RouterA-ip-pool-1]
network 192.168.0.0 mask 24
# Set the user name and password the same as the configurations on the VPN client side.
[RouterA]
aaa
[RouterA-aaa]
local-user vpdnuser password Hello
[RouterA-aaa]
local-user vpdnuser service-type ppp
[RouterA-aaa]
quit
Step 3
Verify the configuration.
After VPN users log in to the LAC or LNS devices, run the
display l2tp tunnel
command on
the LNS and you can find the tunnel is set up. For example:
[RouterA]
display l2tp tunnel
Total tunnel = 1
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN
4 L2TP Configuration
Issue 01 (2012-04-20)
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
276