Friday, March 9, 2012

#HP #MSR #L2TP router config sample



#
 l2tp enable
#
domain default enable system
#
 ike local-name h3c
#
acl number 2000
 description NAT OUTBOUND ACL
 rule 0 permit source 192.168.1.0 0.0.0.255
 rule 10 permit source 172.16.1.0 0.0.0.255
#
domain system
 authentication ppp local
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
 ip pool 1 10.10.10.5 10.10.10.10
#
ike peer remote
 exchange-mode aggressive
 pre-shared-key simple sprig1234
 id-type name
 remote-name remote
#
ipsec proposal remote
#
ipsec policy remote 1 isakmp
 ike-peer remote
 proposal remote
#
local-user hp
 password simple hphp1234
 authorization-attribute level 1
 service-type ppp
#
l2tp-group 1  
 mandatory-chap
 undo tunnel authentication
 allow l2tp virtual-template 0
 tunnel name remote
#
interface Virtual-Template0
 ppp authentication-mode chap domain system
 remote address pool 1
 ip address 10.10.10.254 255.255.255.0
#
interface NULL0
#
interface GigabitEthernet0/0
 port link-mode route
 description LAN_ZONE_INTERFACE
 ip address 192.168.1.254 255.255.255.0
#
interface GigabitEthernet0/5
 port link-mode route
 nat outbound 2000
 ip address dhcp-alloc
 ipsec policy remote
#              

1 comment:

  1. Is this a router to router L2TP tunnel? I am looking for a way to use MSR 30-60 routers to create either an L2TP or L2F forwarding tunnel so I can get the same ip subnet at each end of that tunnel.

    Does the above do that?

    ReplyDelete