求L2TP配置，高手路过请指点！

lanjor · 发表于 2009-1-3 20:19:12

马上注册成为ROSABC会员，随时发帖回复。

您需要登录才可以下载或查看，没有账号？会员注册

x

sysname H3C
#
l2tp enable
#
ipsec cpu-backup enable
#
undo cryptoengine enable
#
firewall enable
#

#
ip pool 1 192.168.20.1 192.168.20.253
#
domain default enable system
#
telnet server enable
#
acl number 2000
rule 0 permit source 192.168.0.0 0.0.255.255
#
acl number 3000
rule 0 permit ip source 192.168.2.26 0 destination 192.168.10.13 0
rule 5 permit ip source 192.168.2.38 0 destination 192.168.10.13 0
acl number 3001
rule 0 permit ip source 192.168.2.26 0 destination 192.168.10.10 0
rule 5 permit ip source 192.168.2.38 0 destination 192.168.10.10 0
acl number 3002
rule 0 permit ip source 192.168.2.26 0 destination 192.168.10.12 0
rule 5 permit ip source 192.168.2.38 0 destination 192.168.10.12 0
#
vlan 1
#
radius scheme system
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
ip pool 1 192.168.20.100 192.168.20.200
#
user-group system
#
local-user aa
local-user aaa
password simple aaa
authorization-attribute level 3
service-type ppp
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4

jacky4955 · 发表于 2009-1-5 19:23:31

这个配置上面就是原来的设备，我想用routeros实现，您能从这上面看出来什么吗？具体在routeros上怎么操作？

sysname H3C
#
l2tp enable
#
ipsec cpu-backup enable
#
undo cryptoengine enable
#
firewall enable
#

#
ip pool 1 192.168.20.1 192.168.20.253
#
domain default enable system
#
telnet server enable
#
acl number 2000
rule 0 permit source 192.168.0.0 0.0.255.255
#
acl number 3000
rule 0 permit ip source 192.168.2.26 0 destination 192.168.10.13 0
rule 5 permit ip source 192.168.2.38 0 destination 192.168.10.13 0
acl number 3001
rule 0 permit ip source 192.168.2.26 0 destination 192.168.10.10 0
rule 5 permit ip source 192.168.2.38 0 destination 192.168.10.10 0
acl number 3002
rule 0 permit ip source 192.168.2.26 0 destination 192.168.10.12 0
rule 5 permit ip source 192.168.2.38 0 destination 192.168.10.12 0
#
vlan 1
#
radius scheme system
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
ip pool 1 192.168.20.100 192.168.20.200
#
user-group system
#
local-user aa
local-user aaa
password simple aaa
authorization-attribute level 3
service-type ppp
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
authorization-attribute level 3
service-type telnet
#
l2tp-group 1
undo tunnel authentication
mandatory-lcp
allow l2tp virtual-template 0
#
interface Aux0
async mode flow
link-protocol ppp
#
interface Virtual-Template0
ppp authentication-mode pap
remote address pool 1
ip address 192.168.20.1 255.255.255.0

这是原来华为上的配置，我想挪到routeros上，请问具体怎么配？

interface Virtual-Ethernet0

devil20 · 发表于 2009-1-6 06:21:55

如果可以，希望你能提供一下你的简单网络结构示意图，
同时你可以参考一下“网大实验室”里面的“关于华为路由与ROS构建L2TP的实验案例”，
希望多关注我们论坛

nayagirl · 发表于 2009-1-7 15:15:21

请你稍等，我们技术人员马上为你解答

		自动登录	找回密码
密码			会员注册

[交流] 求L2TP配置，高手路过请指点！

马上注册成为ROSABC会员，随时发帖回复。