R3303-HP HSR6800 Routers Layer 2 - WAN Configuration Guide

Step Command Remarks

4. Specify the local name of the

tunnel.

tunnel name name

Optional.

The system name of the device is

used by default.

Configuring an LAC

An LAC is responsible for establishing tunnels with LNSs for users and sends user packets to LNSs through

the tunnels. Before configuring an LAC, enable L2TP and create an L2TP group.

Configuring an LAC to initiate tunneling requests for specified

users

An LAC initiates tunneling requests only to specified LNSs for specified users. You can specify the users

to be serviced and the LNSs that will be connected. Users can be specified by their fully qualified name

or the domain name.

Up to five LNSs can be configured. The LAC initiates an L2TP tunneling request to its specified LNSs

consecutively in their configuration order until it receives an acknowledgement from an LNS, which then

becomes the tunnel peer.

To configure the LAC:

Ste

Command

1. Enter system view.

system-view

2. Enter L2TP group view.

l2tp-group group-number

3. Enable the device to initiate tunneling requests to

one or more IP addresses for one or more

specified VPN users.

start l2tp { ip ip-address }&<1-5> { domain

domain-name | fullusername user-name }

Configuring an LAC to transfer AVP data in hidden mode

With L2TP, some parameters are transferred as AVP data. To improve security, you can configure an LAC

to transfer AVP data in hidden mode—to encrypt AVP data before transmission.

To configure an LAC to transfer AVP data in hidden mode:

Step Command Remarks

1. Enter system view.

system-view N/A

2. Enter L2TP group view.

l2tp-group group-number N/A

3. Specify that AVP data be

transferred in hidden mode.

tunnel avp-hidden

Optional.

By default, AVP data is transferred

in plain text.