L2TPVirtualPrivateDialupNetwork配置

王朝other·作者佚名 2008-05-19

宽屏版字体: 小|中|大|超大

LAC

hostname LAC

ip subnet-zero

no ip domain-lookup

vpdn enable

no vpdn logging

vpdn search-order domain

!-- VPDN tunnel authorization is based on the domain only.

vpdn-group 1

request-dialin

!-- Enables the LAC to make requests to the LNS for dialin.

protocol l2tp

domain cisco.com

accept-dialout

!-- Enables the LAC to accept requests from the LNS for dialout.

protocol l2tp

dialer 1

!-- Specifies the dialer that is used to dial out.

terminate-from hostname LNS

initiate-to ip 18.18.18.2

local name LAC

l2tp tunnel password l2tptunnel

source-ip 18.18.18.1

isdn switch-type primary-net5

controller E1 0

clock source line primary

pri-group timeslots 1-31

interface Loopback0

ip address 18.18.18.1 255.255.255.255

interface Ethernet0

ip address 10.200.20.34 255.255.255.0

no ip route-cache

no ip mroute-cache

no cdp enable

interface Serial0

description -- Connection to the LNS

ip address 18.18.18.6 255.255.255.252

no fair-queue

clockrate 64000

no cdp enable

interface Serial0:15

no ip address

encapsulation ppp

dialer rotary-group 1

isdn switch-type primary-net5

no cdp enable

ppp authentication chap

ppp chap hostname LAC

interface Dialer1

ip unnumbered Loopback0

encapsulation ppp

dialer in-band

dialer aaa

!-- This command is required for L2TP dialout functionality even you are not

!-- using AAA.

dialer-group 1

no cdp enable

ppp authentication chap

ppp chap hostname LAC

ppp chap password 7 1511021F0725

no ip http server

ip classless

ip route 18.18.18.2 255.255.255.255 18.18.18.5

dialer-list 1 protocol ip permit

no cdp run

############################################

LNS

hostname LNS

vpdn enable

vpdn-group 1

accept-dialin

!-- Enables the LNS to accept request from the LAC for dialin.

protocol l2tp

virtual-template 1

!-- For each user, a virtual-access is cloned from this virtual-template.

request-dialout

!-- Enables the LNS to request the LAC for dialout.

protocol l2tp

pool-member 1

!-- Specifies the dialer profile to be used to dial out.

terminate-from hostname LAC

initiate-to ip 18.18.18.1

local name LNS

l2tp tunnel password l2tptunnel

source-ip 18.18.18.2

interface Loopback0

ip address 18.18.18.2 255.255.255.255

interface Ethernet0

ip address 10.200.20.24 255.255.255.0

no ip route-cache

no ip mroute-cache

interface Virtual-Template1

ip unnumbered Loopback0

no peer default ip address

ppp chap hostname LNS

interface Serial0

description -- Connection to the LAC

ip address 18.18.18.5 255.255.255.252

no ip route-cache

no ip mroute-cache

interface Dialer1

!-- For each user, a dialer profile is configured.

ip unnumbered Loopback0

encapsulation ppp

dialer pool 1

!-- "dialer pool 1" must match "pool-member 1" in the vpdn-group.

dialer remote-name remote1@cisco.com

dialer string 6122

!-- ISDN number that the LAC uses to dialout the remote client remote1@cisco.com.

dialer vpdn

!-- Enables the dialer profile to use L2TP dialout and so place a VPDN call.

dialer-group 1

ppp authentication chap callin

ppp chap hostname LNS

interface Dialer2

ip unnumbered Loopback0

encapsulation ppp

dialer pool 1

dialer remote-name remote2@cisco.com

dialer string 6121

dialer vpdn

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname LNS

no ip http server

ip classless

ip route 10.200.16.26 255.255.255.255 10.200.20.1

ip route 17.17.17.1 255.255.255.255 Dialer1

ip route 17.17.17.2 255.255.255.255 Dialer2

ip route 17.17.17.3 255.255.255.255 10.200.20.32

ip route 18.18.18.1 255.255.255.255 18.18.18.6

dialer-list 1 protocol ip permit

no cdp run