L2TP Configuration Examples 629

through the Internet. Through setting up a VPN, the user can have access to the information in the internal network.

II. Networking diagram

Figure 196 Networking diagram of an individual user interconnecting headquarters

Modem

 

 

PSTN

Router1

Router 2

PC1

 

Tunnel

ISDN

LAC

LNS

PC2

 

WAN

 

 

Headquarter

III. Configuration procedure

1Configuration at the user side

Set up a dialup network, with the same access number as that of Router1, and it receives the address assigned by LNS server. Input vpdnuser@3Com.com as the username and Hello as the password in the popup terminal window.

2Configuration of Router1 (at LAC side)

Make sure to enable CHAP authentication on the access interface (e.g., dialup interface) at the LAC dialup user side.

a Configure the username and password.

[Router1] local-user vpdnuser@3Com.com password simple Hello

bAdopt AAA authentication.

[Router1] aaa-enable

[Router1] aaa authentication-scheme ppp default local

[Router1] aaa accounting-scheme optional

cConfigure an IP address on Serial0 interface.

[Router1] interface serial 0

[Router1-Serial0]ip address 202.38.160.1 255.255.255.0

[Router1-Serial0]ppp authentication-mode chap

dConfigure a L2TP group and the related attributes.

[Router1] l2tp enable

[Router1] l2tp-group 1

[Router1-l2tp1]tunnel name lac-end

[Router1-l2tp1]start l2tp ip 202.38.160.2 domain 3Com.com

eEnable tunnel authentication and configure a tunnel authentication password.

[Router1-l2tp1]tunnel authentication

[Router1-l2tp1]tunnel password simple 3Com router

fConfigure the domain suffix separator to @.

[Router1] l2tp domain suffix-separator @

gConfigure the match order to matching domain firstly and then called number.

3Configuration of Router2 (at LNS side)

a Configure the address pool 1 which is in the range from 192.168.0.2 to 192.168.0.100.

Page 633
Image 633
3Com 10014299 manual Configure an IP address on Serial0 interface, Configure a L2TP group and the related attributes