MSR 36-10 vpn 架设

我公司有百光光纤通道，16个固定IP，采用其中一个做上网地址，路由，其他做NET,现在想从家里的电脑（普通宽带拔号上网 ）通过VPN接入公司，并和公司内部的地址处于同一网段 ,设备是MSR 36-10 ，该如何配置？

[H3C]dis cu # version 7.1.049, Release 0106 # sysname H3C # telnet server enable # qos carl 1 destination-ip-address subnet 192.168.20.1 24 qos carl 2 destination-ip-address subnet 192.168.30.1 24 # ip pool 2 192.168.40.240 192.168.40.250 # dhcp enable # password-recovery enable # vlan 1 # dhcp server ip-pool 0 network 192.168.20.0 mask 255.255.255.0 dns-list 61.147.37.1 gateway-list 192.168.20.1 # dhcp server ip-pool 1 network 192.168.30.0 mask 255.255.255.0 dns-list 61.147.37.1 gateway-list 192.168.30.1 # dhcp server ip-pool 2 network 192.168.40.0 mask 255.255.255.0 dns-list 61.147.37.1 gateway-list 192.168.40.1 # dhcp server ip-pool 3 network 192.168.50.0 mask 255.255.255.0 dns-list 61.147.37.1 gateway-list 192.168.50.1 # controller Cellular0/0 # controller Cellular0/1 # interface Aux0 # interface NULL0 # interface GigabitEthernet0/0 port link-mode route combo enable copper ip address 192.168.10.1 255.255.255.0 # interface GigabitEthernet0/0.2 ip address 192.168.20.1 255.255.255.0 vlan-type dot1q vid 2 # interface GigabitEthernet0/0.3 ip address 192.168.30.1 255.255.255.0 vlan-type dot1q vid 3 # interface GigabitEthernet0/0.4 ip address 192.168.40.1 255.255.255.0 vlan-type dot1q vid 4 # interface GigabitEthernet0/0.5 ip address 192.168.50.1 255.255.255.0 vlan-type dot1q vid 5 # interface GigabitEthernet0/1 port link-mode route ip address *.*.*.83 255.255.255.240 qos car inbound carl 1 cir 40960 cbs 2560000 ebs 0 green pass red discard yellow pass qos car inbound carl 2 cir 40960 cbs 2560000 ebs 0 green pass red discard yellow pass nat outbound nat static enable # interface GigabitEthernet0/2 port link-mode route # scheduler logfile size 16 # line class aux user-role network-admin # line class tty user-role network-operator # line class vty user-role network-admin user-role network-operator # line aux 0 authentication-mode password user-role level-15 user-role network-admin user-role privilege set authentication password hash $h$6$x5NElY9r/9QG6uZ3$W5lz1r6e4F4R15hCmvZYxw8QN8/nCQbfyRUbV/57XaxPwZTSyDG4pvawkXh1gJxA3ibqad5au/ZeQ7iX49swQw== # line vty 0 3 user-role level-15 user-role network-admin user-role network-operator set authentication password hash $h$6$sGolvufw3G5igOk+$Bq1qCN2kPWH6tH+7XeiX1dxEFxh9KMuei0z2zHdMjhp4Z9LowaVZvZTQ/RhzRV25YEhx7oKbhee9dNq3kG8soQ== # line vty 4 authentication-mode scheme user-role network-admin user-role network-operator protocol inbound ssh # line vty 5 15 authentication-mode scheme user-role network-admin user-role network-operator protocol inbound telnet # line vty 16 63 user-role network-admin user-role network-operator # ip route-static 0.0.0.0 0 *.*.*.81 # ssh server enable ssh user **** service-type stelnet authentication-type password # telnet client source ip 192.168.10.4 # domain system authentication ppp local # aaa session-limit ftp 32 aaa session-limit telnet 32 aaa session-limit http 32 aaa session-limit ssh 32 aaa session-limit https 32 domain default enable system # role name level-0 description Predefined level-0 role # role name level-1 description Predefined level-1 role # role name level-2 description Predefined level-2 role # role name level-3 description Predefined level-3 role # role name level-4 description Predefined level-4 role # role name level-5 description Predefined level-5 role # role name level-6 description Predefined level-6 role # role name level-7 description Predefined level-7 role # role name level-8 description Predefined level-8 role # role name level-9 description Predefined level-9 role # role name level-10 description Predefined level-10 role # role name level-11 description Predefined level-11 role # role name level-12 description Predefined level-12 role # role name level-13 description Predefined level-13 role # role name level-14 description Predefined level-14 role # user-group system # local-user **** class manage password hash $h$6$xUFF2XLKAKOyxBCl$+m3OND28ILB7UN69anBO99/oHjFbVJmZbRFNwY98+YbFX7AHGvu0G+Sw4/269yxS09ZCAJ7siEYeR12t2D9EGw== service-type telnet authorization-attribute user-role network-admin # local-user client class manage password hash $h$6$FPV3mCes0QQEsUNG$W4+D6Qbm8Rj04vjUw+h6OxYkjFRCbL5UzlnKPCNveP+var1BHB9OyjSUI2qIurlVfc7BGPlDTh9GNoP2j396vg== authorization-attribute user-role network-operator # nat static inbound *.*.*.88 192.168.50.88 nat static inbound *.*.*.89 192.168.40.89 nat static inbound *.*.*.90 192.168.40.90 nat static inbound *.*.*.91 192.168.40.91 nat static inbound *.*.*.92 192.168.40.92 nat static inbound *.*.*.93 192.168.40.93 nat static inbound *.*.*.94 192.168.40.94 nat static outbound 192.168.40.89 *.*.*.89 nat static outbound 192.168.40.90 *.*.*.90 nat static outbound 192.168.40.91 *.*.*.91 nat static outbound 192.168.40.92 *.*.*.92 nat static outbound 192.168.40.93 *.*.*.93 nat static outbound 192.168.40.94 *.*.*.94 nat static outbound 192.168.50.88 *.*.*.88 # return