F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Configuration Guide-6PW100
243
1. Determine the network devices needed according to the networking environment. For
NAS-initiated mode and LAC-auto-initiated mode, configure both the LAC and the LNS. For
client-initiated mode, you only need to configure the LNS.
2. Configure the devices accordingly based on the intended role (LAC or NAS) on the network.
To configure a device as an LAC in NAS-initiated or LAC-auto-initiated mode, complete the following
tasks:
Task Remarks
850H
Configuring basic L2TP capability
Enable L2TP
Required. Create an L2TP group
Specify the local name of the tunnel
851H
Configuring an LAC
852H
Configuring an LAC to initiate
tunneling requests for specified
users
Required.
853H
Configuring an LAC to transfer AVP
data in hidden mode
Optional.
854H
Configuring AAA authentication for
VPN users on LAC side
Required.
855H
Configuring an LAC to establish an
L2TP tunnel
• Required in LAC-auto-initiated
mode.
• No need to configure in
NAS-initiated mode.
856H
Configuring L2TP connection
parameters
857H
Configuring L2TP tunnel
authentication
Optional.
858H
Setting the hello interval
859H
Enabling tunnel flow control
860H
Disconnecting tunnels by force
To configure a device as an LNS in NAS-initiated, client-initiated, or LAC-auto-initiated mode, complete
the following tasks:
Task Remarks
861H
Configuring basic L2TP capability
Enable L2TP
Required. Create an L2TP group
Specify the local name of the tunnel
862H
Configuring an LNS
863H
Creating a VT interface Required.
864H
Configuring the local address and
the address pool for allocation
Required.
865H
Configuring an LNS to grant certain
L2TP tunneling requests
Required.
866H
Configuring user authentication on
an LNS
Optional.
867H
Configuring AAA authentication for
VPN users on an LNS
Optional.