3com 3031 Instruccion De Instalación

g Enable tunnel authentication and set tunnel authentication password.

[Router-l2tp1]tunnel authentication

[Router-l2tp1]tunnel password simple 3com

A user needs to communicate with headquarters, but the network address of 
headquarters is a private address, e.g. 10.8.0.0 network, so the user can not 
directly access internal server via Internet. With VPN, the user can access the data 
of internal network.

Figure 213   Networking diagram of single user interconnecting headquarters

1 Configuration on user side

To create a dial-in connection, dial access number specified on Router1, and 
receive assigned address from LNS server.

Input username “vpdnuser@3com.com” in pop-up dial-in terminal window, with 
password being Hello (the username and password have been registered on LNS 
of the company).

2 Configuration on Router1 (on LAC side)

(In this example, LAC side communicates with LNS through serial port Serial1/0/0, 
whose IP address is 202.38.160.1, the IP address of serial port connected with 
tunnel on LNS side being 202.38.160.2).

a Set username and password.

[Router1]local-user vpdnuser@3com.com password simple Hello

b Perform AAA authentication.

[Router1]aaa enable

[Router1]aaa authentication-scheme ppp default local

c Enable CHAP authentication on access interface of dial-in user.

d Configure IP address on interface Serial1/0/0.

[Router1]interface serial 1/0/0

[Router1-Serial1/0/0]ip address 202.38.160.1 255.255.255.0

[Router1-Serial1/0/0]ppp authentication-mode chap

e Set a L2TP group and configure related attributes.

[Router1]l2tp enable

[Router1]l2tp-group 1

Quidway 1

LAC

Quidway 2

LNS

Internet

Tunnel

WAN

Modem

PSTN

ISDN

PC1

PC2

Headquarter

Router1

Router2