4000 Router Series Layer 2 - WAN Configuration Guide

[LNS-virtual-template1] remote address 192.168.0.2

[LNS-virtual-template1] quit

# Create L2TP group 1 in LNS mode, configure the local tunnel name as LNS, and specify

Virtual-Template 1 for receiving calls from a specified LAC.

[LNS] l2tp-group 1 mode lns

[LNS-l2tp1] tunnel name LNS

[LNS-l2tp1] allow l2tp virtual-template 1 remote LAC

# Enable tunnel authentication, and specify the tunnel authentication key as aabbcc.

[LNS-l2tp1] tunnel authentication

[LNS-l2tp1] tunnel password simple aabbcc

[LNS-l2tp1] quit

3. On the remote system, enter vpdnuser as the username and Hello as the password in the dial-up

network window to dial a connection.

Verifying the configuration

# After the dial-up connection is established, the remote system can obtain an IP address (for

example, 192.168.0.2) and can ping the private IP address of the LNS (192.168.0.1).

# On the LNS, use the display l2tp tunnel command to check the established L2TP tunnels.

[LNS] display l2tp tunnel

LocalTID RemoteTID State Sessions RemoteAddress RemotePort RemoteName

196 3542 Established 1 1.1.2.1 1701 LAC

# On the LNS, use the display l2tp session command to check the established L2TP sessions.

[LNS] display l2tp session

LocalSID RemoteSID LocalTID State

2041 64 196 Established

Configuration example for client-initiated L2TP tunnel

Network requirements

As shown in Figure 24, a PPP user directly initiates a tunneling request to the LNS to access the corporate

network. The PPP user belongs to VPN 1.

Figure 24 Network diagram

Configuration procedure

1. Configure the LNS:

# Create VPN instance vpn1, and bind interface Ethernet 1/1 (connecting the PPP user) to vpn1.

<LNS> system-view

[LNS] ip vpn-instance vpn1

[LNS-vpn-instance-vpn1] quit