3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide
126 CHAPTER 8: CONFIGURATION OF L2TP
# Set the VLAN to be protected.
[3Com-secblade-test] security-vlan 50
# Map the IPsec module to the IPsec module in the specified slot.
[3Com-secblade-test] map to slot 2
[3Com-secblade-test] quit
[SW8800] quit
# Log into the IPsec module in the specified slot.
<SW8800> secblade slot 2 (Both the default user name and password are SecBlade)
user: SecBlade
password: SecBlade
<secblade> system-view
# Create a sub-interface.
[secblade] interface GigabitEthernet 0/0.1
[secblade-GigabitEthernet0/0.1] vlan-type dot1q vid 30
[secblade-GigabitEthernet0/0.1] ip address 30.0.0.254 24
[secblade-GigabitEthernet0/0.1] quit
[secblade] interface GigabitEthernet 0/0.2
[secblade-GigabitEthernet0/0.2] vlan-type dot1q vid 50
[secblade-GigabitEthernet0/0.2] ip address 50.0.0.254 24
[secblade-GigabitEthernet0/0.2] quit
# Add the sub-interface to the corresponding zone (applicable to the firewall card
only).
[secblade] firewall zone trust
[secblade-zone-trust] add interface GigabitEthernet 0/0.1
[secblade -zone-trust]quit
[secblade]firewall zone untrust
[secblade-zone-untrust] add interface GigabitEthernet 0/0.2
[secblade-zone-untrust] quit
# Configure the firewall to permit packets to pass (applicable to the firewall card
only).
[secblade] firewall packet-filter default permit
# Set a system user.
[secblade] local-user vpdnuser
[secblade-luser-vpdnuser] password simple Hello
[secblade-luser-vpdnuser] service-type ppp
[secblade-luser-vpdnuser] quit
# Configure a virtual template interface.
[secblade] interface Virtual-Template 0
[secblade-Virtual-Template0] ip address 100.0.0.254 24
[secblade-Virtual-Template0] remote address 100.0.0.1
[secblade-Virtual-Template0] ppp authentication-mode pap
[secblade-Virtual-Template0] quit