首页 > 网络应用 > L2TP VPN的简单配置

13147

浏览

0

评论

L2TP VPN的简单配置

作者:stephen | 分类:网络应用 | 标签:

在实际工作场所,相信很多用户需要通过组建VPN的方式使用跨区域业务。本博文重点讲解L2TP类型的VPN的配置方法。

一、配置步骤

       综述,L2TP类型的VPN的配置步骤总共有4步:

       1、新建地址池(VPN用户使用)

       2、新建用户(PPP用户登录使用)

       3、创建虚接口(包括认证方式、认证用户、用户地址/地址池)

       4、创建L2TP组

二、H3C AR28路由器配置L2TP vpn脚本。

      素材:

      a、地址段:192.168.222.0/24

      b、地址池:1

      c、认证用户:l2tp_vpn  (密码:l2tp_vpn)

      d、虚接口:1

      e、L2TP组:1

       f、域 domain:vpn

      g、认证模式:ppp

      -------------------------------------------------------------------------------------

       配置脚本如下:

      1、使能L2TP
           l2tp enable                                                                                //使能L2TP
           #
      2、建立VPN用户地址池
           domain vpn
             ip pool 1 192.168.222.2 192.168.222.254
           #
      3、创建本地用户,认证方式为ppp
           local-user l2tp_vpn                                                                   //创建本地用户xxaqcpzx

              password simple l2tp_vpn

              service-type ppp                                                                     //采用ppp方式
           #
     4、创建虚接口
           interface Virtual-Template 1
              ppp authentication-mode pap domain vpn                       //采用PAP的域认证方式
              ppp pap local-user xxaqcpzx password simple xxaqcpzx
              ip address 192.168.95.1 255.255.255.0
              remote address pool 1                                                         //指定使用ip pool 1给用户分配地址
           #
           5、创建L2TP组
           l2tp-group 1                                                                            //创建L2TP组
              undo tunnel authentication                                                //不进行tunnel认证/
              mandatory-lcp                                                                     //LCP再协商     /设备是否配置?
              allow l2tp virtual-template 1                                              //接受任何LAC的l2tp请求,并绑定到虚接口1上/
           #

三、华为AR2220配置实录脚本

      1、实录脚本:

L2TP <wbr>VPN的简单配置

      2、配置结果:

display current-configuration
[V200R003C00]
#
 sysname AR2220
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent
#
 clock timezone Indian Standard Time minus 05:13:20
 clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23
 00:00 2005 2005
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
 l2tp enable
#
 set cpu-usage threshold 80 restore 75
#
ip pool 1
 network 192.168.222.0 mask 255.255.255.0
 excluded-ip-address 192.168.222.1
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 domain vpn
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
 local-user l2tp_vpn password cipher %$%$u0D6ZW]%/;KQdO_`&(#(hH/%$%$

 local-user l2tp_vpn privilege level 15
 local-user l2tp_vpn service-type ppp
#
firewall zone Local
 priority 15
#
interface Virtual-Template1
 ppp authentication-mode pap domain vpn
 remote address pool 1
 ppp pap local-user l2tp_vpn password cipher %$%$0T%R6];"COB9QuG92_l',.eh%$%$
 ip address 192.168.222.1 255.255.255.0
#
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
l2tp-group 1
 undo tunnel authentication
 mandatory-lcp
 allow l2tp virtual-template 1
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return


本文链接:https://www.stephenwxf.com/post/12.html
原创文章如转载请注明:转载自王显璠的个人博客谢谢!

Copyright Your stephenwxf.com Rights Reserved.