HP VPN Firewall Appliances VPN Configuration Guide

Configuration example for client-initiated VPN
Network requirements
As shown in Figure 171, a VPN user accesses the corporate headquarters as follows:
1. Configure an IP address and route for the user host, making sure that the host can reach the LNS.
2. The user initiates a tunneling request to the LNS.
3. After the LNS accepts the connection request, an L2TP tunnel is set up between the LNS and the VPN user.
4. The VPN user communicates with the headquarters over the tunnel.
Figure 171 Network diagram
Configuration procedure
1. Configure the LNS:
# Configure IP addresses for the interfaces. (Details not shown.)
# Configure the route between the LNS and the user host. (Details not shown.)
# Create a local user named vpdnuser, set the password, and enable the PPP service. The username and password must match those configured on the client.
<LNS> system-view
[LNS] local-user vpdnuser
[LNS-luser-vpdnuser] password simple Hello
[LNS-luser-vpdnuser] service-type ppp
[LNS-luser-vpdnuser] quit
# Configure local authentication for the VPN user.
[LNS] domain system
[LNS-isp-system] authentication ppp local
[LNS-isp-system] ip pool 1 192.168.0.2 192.168.0.100
[LNS-isp-system] quit
# Enable L2TP.
[LNS] l2tp enable
# Configure the VT interface.
[LNS] interface virtual-template 1
[LNS-virtual-template1] ip address 192.168.0.1 255.255.255.0
[LNS-virtual-template1] ppp authentication-mode chap domain system
[LNS-virtual-template1] remote address pool 1
[LNS-virtual-template1] quit
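The following Python check is an added example, not part of the HP guide. It parses the LNS commands shown above (prompts stripped) and verifies that the VT interface, the address pool, the domain, and the local user are consistent with each other. It assumes the pool named by remote address pool is the one defined in the domain given in ppp authentication-mode; parse_views and check_lns are hypothetical helper names.

```python
import ipaddress
import re

# LNS commands from the procedure above, with the CLI prompts stripped.
LNS_CONFIG = """\
local-user vpdnuser
 password simple Hello
 service-type ppp
domain system
 authentication ppp local
 ip pool 1 192.168.0.2 192.168.0.100
interface virtual-template 1
 ip address 192.168.0.1 255.255.255.0
 ppp authentication-mode chap domain system
 remote address pool 1
"""

def parse_views(config):
    """Group indented commands under the view-entering command above them."""
    views, body = {}, []
    for line in filter(str.strip, config.splitlines()):
        if not line.startswith(" "):
            body = views.setdefault(line.strip(), [])
        else:
            body.append(line.strip())
    return views

def check_lns(config):
    """Return consistency findings for each VT interface (empty list = none)."""
    views, findings = parse_views(config), []
    ppp_users = [v for v, b in views.items() if v.startswith("local-user ") and "service-type ppp" in b]
    vts = [(v, b) for v, b in views.items() if v.startswith("interface virtual-template")]
    for view, body in vts:
        text = "\n".join(body)
        addr = re.search(r"^ip address (\S+) (\S+)$", text, re.M)
        auth = re.search(r"^ppp authentication-mode \S+ domain (\S+)$", text, re.M)
        pool = re.search(r"^remote address pool (\d+)$", text, re.M)
        domain = views.get(f"domain {auth.group(1)}", []) if auth else []  # assumption: pool lives here
        rng = pool and re.search(rf"^ip pool {pool.group(1)} (\S+) (\S+)$", "\n".join(domain), re.M)
        if not (addr and rng):
            findings.append(f"{view}: address, domain or pool reference does not resolve")
            continue
        if "authentication ppp local" in domain and not ppp_users:
            findings.append(f"{view}: local PPP authentication but no local user with service-type ppp")
        gw = ipaddress.ip_interface(f"{addr.group(1)}/{addr.group(2)}")
        first, last = (ipaddress.ip_address(a) for a in rng.groups())
        if first > last or first not in gw.network or last not in gw.network:
            findings.append(f"{view}: pool {first}-{last} is not inside {gw.network}")
        if first <= gw.ip <= last:
            findings.append(f"{view}: pool {first}-{last} includes the VT address {gw.ip}")
    return findings
```

Calling check_lns(LNS_CONFIG) on the configuration as printed returns an empty list; a pool that starts at 192.168.0.1 or a remote address pool number with no matching ip pool line each produce one finding.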
# Create an L2TP group and specify the VT interface for receiving calls.
[LNS] l2tp-group 1