User Manual - Configuration Guide (Volume 3)

Chapter 2

Versatile Routing Platform

Configuration of L2TP

III.Configuration procedure

1)Configuration at user side:

Set user name to “vpnuser”, password to “hello” (the user name and password have been registered in NAS or company) and dial-in number to”170” at the dial-up terminal.

2)Configuration at NAS side (Quidway A8010 NAS in the case serves as the equipment at LAC side):

zThe dial-in number is usually configured as “170” on A8010.

zOn RADIUS access server, set a VPN user with user name “vpnuser” and password “hello”, and set IP address of the corresponding equipment at LNS side (In the case, IP address of the port where LNS side and the channel are connected is 202.38.160.2).

zDefine the name of the equipment of local end as A8010 and authenticate the channel. The channel password is “quidway”.

3)Router configuration (at LNS side)

!Set a VPDN group and configure relative attributes Quidway(config)# vpdn enable Quidway(config)# vpdn-group 1 Quidway(config-vpdn1)# local name LNS

Quidway(config-vpdn1)# accept dialin l2tp virtual-template 1 remote A8010

!Set user name and password (consistent with the setting on A8010). Quidway(config)# user vpnuser password 0 hello

!Start channel authentication and set channel authentication password. Quidway(config-vpdn2)# l2tp tunnel authentication Quidway(config-vpdn2)# l2tp tunnel password 0 quidway

!Define an address pool to distribute addresses to dial-in users. Quidway(config)# ip local poo1 1 192.168.0.2 192.168.0.100

!Configure Virtual-Template 1.

Quidway(config)# interface virtual-template 1

Quidway(config-if-virtual-template1)# ip address 192.168.0.1 255.255.255.0

Quidway(config-if-virtual-template1)# ppp authentication chap

Quidway(config-if-virtual-template1)# peer default ip address pool 1

!Adopt AAA authentication. Quidway(config)# aaa-enable

Quidway(config)# aaa authentication ppp default local

2-15

Page 35
Image 35
Huawei v200r001 user manual III. Configuration procedure