HP VPN Firewall Appliances VPN Configuration Guide

1. Determine the network devices needed according to the networking environment. For
NAS-initiated mode and LAC-auto-initiated mode, configure both the LAC and the LNS. For
client-initiated mode, you only need to configure the LNS.
2. Configure the devices accordingly based on the intended role (LAC or NAS) on the network.
To configure a device as an LAC in NAS-initiated or LAC-auto-initiated mode, complete the following
tasks:

| Task group | Task | Remarks |
|---|---|---|
| Configuring basic L2TP capability | Enable L2TP | Required. |
| | Create an L2TP group | Required. |
| | Specify the local name of the tunnel | Required. |
| Configuring an LAC | Configuring an LAC to initiate tunneling requests for specified users | Required. |
| | Configuring an LAC to transfer AVP data in hidden mode | Optional. |
| | Configuring AAA authentication for VPN users on LAC side | Required. |
| | Configuring an LAC to establish an L2TP tunnel | Required in LAC-auto-initiated mode. No need to configure in NAS-initiated mode. |
| Configuring L2TP connection parameters | Configuring L2TP tunnel authentication | Optional. |
| | Setting the hello interval | Optional. |
| | Enabling tunnel flow control | Optional. |
| | Disconnecting tunnels by force | Optional. |

To configure a device as an LNS in NAS-initiated, client-initiated, or LAC-auto-initiated mode, complete
the following tasks:

| Task group | Task | Remarks |
|---|---|---|
| Configuring basic L2TP capability | Enable L2TP | Required. |
| | Create an L2TP group | Required. |
| | Specify the local name of the tunnel | Required. |
| Configuring an LNS | Creating a VT interface | Required. |
| | Configuring the local address and the address pool for allocation | Required. |
| | Configuring an LNS to grant certain L2TP tunneling requests | Required. |
| | Configuring user authentication on an LNS | Optional. |
| | Configuring AAA authentication for VPN users on an LNS | Optional. |
| | Enabling L2TP for VPNs | Optional. |