R3166-R3206-HP High-End Firewalls VPN Configuration Guide-6PW101
103
• Select domain system.
• Type 1 as the IP address pool number.
• Type the start IP address 192.168.0.2.
• Type the end IP address 192.168.0.100.
• Click Apply to finish the IP address pool configuration and return to the L2TP group configuration
page.
• Select pool1 from the User Address drop-down list.
• Select Enable from the Assign Address Forcibly drop-down list.
• Click Apply.
Configuring L2TP in the CLI
L2TP configuration task list
To configure a firewall device as an LAC or LNS, you need to configure basic L2TP capability on the
firewall at first, and then perform LAC- or LNS-specific configurations. L2TP connection parameter
configuration tasks apply to both LAC and LNS and are optional. You may configure them as needed.
Complete the following tasks to configure L2TP:
Task Remarks
Configuring basic L2TP
capability
Enable L2TP
Required
Create an L2TP group
Specify the local name of the tunnel
Configuring an LAC
Configuring an LAC to initiate tunneling requests for specified users Required
Configuring an LAC to transfer AVP data in hidden mode Optional
Configuring AAA authentication of VPN users on LAC side Required
Configuring an LNS
Creating a virtual interface template Required
Configuring the local address and the address pool for allocation Required
Configuring an LNS to grant certain L2TP tunneling requests Required
Configuring user authentication on an LNS Optional
Configuring AAA authentication of VPN users on LNS side Optional
Enabling L2TP multi-instance Optional
Specifying an LNS to send ACCM Optional
Configuring L2TP
connection parameters
Configuring L2TP tunnel authentication
Optional
Setting the hello interval
Enabling tunnel flow control
Disconnecting tunnels by force