组网及说明
2.2.2.2模拟LNS侧内网,8.8.8.8和9.9.9.9分别模拟LAC侧内网
配置步骤
- LNS侧配置(公网接口配置省略)
l2tp enable
#
l2tp-group 1 mode lns
allow l2tp virtual-template 1
undo tunnel authentication
#
ip pool aaa 5.5.5.11 5.5.5.20
ip pool aaa gateway 5.5.5.1
#
interface Virtual-Template1
ppp authentication-mode pap
remote address pool aaa
ip address 5.5.5.1 255.255.255.0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
local-user vpdnuser class network
password cipher $c$3$4zf/l7PD5g2An89kou0uv13vevw2MbQD
service-type ppp
authorization-attribute ip 5.5.5.20 //使用账号vpdnuser拨号获取固定ip地址5.5.5.20
#
local-user vpn class network
password cipher $c$3$U7p1L21yF66RpWq6sft9vx1hHj7R9A==
service-type ppp
authorization-attribute ip 5.5.5.19 //使用账号vpn拨号获取固定ip地址5.5.5.19
#
ip route-static 8.8.8.8 32 5.5.5.19 //到分支内网的路由,下一跳为lac拨号获取的固定ip地址
ip route-static 9.9.9.9 32 5.5.5.20
#
2. LAC-1侧配置
l2tp enable
#
interface LoopBack0
ip address 8.8.8.8 255.255.255.255
#
l2tp-group 1 mode lac
lns-ip x.x.x.121
undo tunnel authentication
#
interface Virtual-PPP1
ppp pap local-user vpn password cipher $c$3$qkrUKrFTBLxTSP0cuXPKGQl6dHnItbva
ip address ppp-negotiate
l2tp-auto-client l2tp-group 1
#
ip route-static 2.2.2.2 32 Virtual-PPP1
ip route-static 9.9.9.9 32 Virtual-PPP1
#
3. LAC-2侧配置
l2tp enable
#
interface LoopBack0
ip address 9.9.9.9 255.255.255.255
#
l2tp-group 1 mode lac
lns-ip x.x.x.121
undo tunnel authentication
#
interface Virtual-PPP1
ppp pap local-user vpdnuser password cipher $c$3$UW92uUO+lg0TW1RxFCkON2I1RbKSXSlN
ip address ppp-negotiate
l2tp-auto-client l2tp-group 1
#
ip route-static 2.2.2.2 32 Virtual-PPP1
ip route-static 8.8.8.8 32 Virtual-PPP1
配置关键点
1、
2、
ip route-static 8.8.8.8 32 5.5.5.19
ip route-static 9.9.9.9 32 5.5.5.20
3、
在8.8.8.8的lac添加ip route-static 9.9.9.9 32 Virtual-PPP1
在9.9.9.9的lac添加ip route-static 8.8.8.8 32 Virtual-PPP1
在设备上测试互通时,需要加源地址测试内网连通性,比如ping –a 8.8.8.8 9.9.9.9
该案例暂时没有网友评论
编辑评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作