HP VPN Firewall Appliances VPN Configuration Guide

# Create a local user named vpdnuser, set the password, and enable the PPP service. The username and password must match those configured on the client.
<LNS> system-view
[LNS] local-user vpdnuser
[LNS-luser-vpdnuser] password simple Hello
[LNS-luser-vpdnuser] service-type ppp
[LNS-luser-vpdnuser] quit
# Configure local authentication for the VPN user.
[LNS] domain system
[LNS-isp-system] authentication ppp local
[LNS-isp-system] ip pool 1 192.168.0.2 192.168.0.100
[LNS-isp-system] quit
# Enable L2TP.
[LNS] l2tp enable
# Configure the VT interface.
[LNS] interface virtual-template 1
[LNS-virtual-template1] ip address 192.168.0.1 255.255.255.0
[LNS-virtual-template1] ppp authentication-mode chap domain system
[LNS-virtual-template1] remote address pool 1
[LNS-virtual-template1] quit
# Create an L2TP group, specify the VT interface for receiving calls, and specify the name of the tunnel on the peer.
[LNS] l2tp-group 1
[LNS-l2tp1] tunnel name LNS
[LNS-l2tp1] allow l2tp virtual-template 1 remote LAC
# Enable tunnel authentication and specify the tunnel authentication key.
[LNS-l2tp1] tunnel authentication
[LNS-l2tp1] tunnel password simple aabbcc
3. In the dial-up network window, configure the user by entering vpdnuser as the username and Hello as the password.
4. Verify the configuration:
# After the dial-up connection is established, the user host can obtain an IP address (for example, 192.168.0.2) and can ping the private IP address of the LNS (192.168.0.1).
# On the LNS, use the display l2tp tunnel command to check the established L2TP tunnels.
[LNS] dis l2tp tunnel
 Total tunnel = 1
 LocalTID  RemoteTID  RemoteAddress  Port  Sessions  RemoteName
 1         1          1.1.2.1        1701  1         LAC
# On the LNS, use the display l2tp session command to check the established L2TP sessions.
[LNS] display l2tp session
 Total session = 1
 LocalSID  RemoteSID  LocalTID
 23142     729        1
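
An added example, not part of the HP guide: a Python check over the LNS commands shown above that reports secrets entered with the simple (plaintext) keyword and L2TP groups whose transcript sets no tunnel password or disables tunnel authentication. The function name audit_lns and the finding wording are assumptions of this example; the sample transcript is copied from this page.

```python
import re

# LNS commands copied from the configuration steps on this page.
LNS_TRANSCRIPT = """\
[LNS] local-user vpdnuser
[LNS-luser-vpdnuser] password simple Hello
[LNS-luser-vpdnuser] quit
[LNS] l2tp-group 1
[LNS-l2tp1] tunnel name LNS
[LNS-l2tp1] allow l2tp virtual-template 1 remote LAC
[LNS-l2tp1] tunnel authentication
[LNS-l2tp1] tunnel password simple aabbcc
"""

PROMPT = re.compile(r"^\s*[\[<]([^\]>]+)[\]>]\s*(.*)$")   # "[view] command"
SIMPLE_SECRET = re.compile(r"^((?:tunnel\s+)?password\s+simple)\s+\S+")
L2TP_VIEW = re.compile(r"-l2tp(\d+)$")                     # e.g. LNS-l2tp1


def audit_lns(transcript):
    """Return a list of findings (wording is this example's own)."""
    findings = []
    has_key = {}  # L2TP group number -> True once a tunnel password is set
    for raw in transcript.splitlines():
        m = PROMPT.match(raw)
        if not m:
            continue  # '#' comment lines and command output carry no prompt
        view, cmd = m.group(1), " ".join(m.group(2).split())
        secret = SIMPLE_SECRET.match(cmd)
        if secret:
            # Name the command but never echo the secret value.
            findings.append(f"{view}: secret entered with '{secret.group(1)}'")
        if cmd.startswith("l2tp-group "):
            has_key.setdefault(cmd.split()[1], False)
        group = L2TP_VIEW.search(view)
        if group:
            has_key.setdefault(group.group(1), False)
            if cmd.startswith("tunnel password "):
                has_key[group.group(1)] = True
            elif cmd == "undo tunnel authentication":
                findings.append(f"l2tp-group {group.group(1)}: tunnel authentication disabled")
    for num in sorted(n for n, ok in has_key.items() if not ok):
        findings.append(f"l2tp-group {num}: no tunnel password in transcript")
    return findings


if __name__ == "__main__":
    for finding in audit_lns(LNS_TRANSCRIPT):
        print(finding)
```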