華為AR28-31配置L2TP ×××

<ar28-31>

<ar28-31>dis curr

#

 sysname ar28-31

 l2tp enable

 cpu-usage cycle 1min

 firewall enable

radius scheme system

domain system

 ip pool 1 11.1.1.2 11.1.1.100

local-user admin

 password cipher .]@use=b,53q=^q`maf4<1!!

 service-type telnet terminal

 level 3

local-user yaoshenshen

 password simple yaoshenshen

 service-type ppp

acl number 3000

 rule 0 permit ip source 12.1.1.2 0

acl number 3001                          

 rule 0 deny ip source 11.1.1.2 0 destination 12.1.1.3 0(這裡是限制×××撥通後應該通路區域網路中的哪台機器)

 rule 1 deny ip source 11.1.1.3 0 destination 12.1.1.3 0

#                                        

interface virtual-template0              

 ppp authentication-mode pap             

 ppp pap local-user yaoshenshen password simple yaoshenshen

 ip address 11.1.1.1 255.255.255.0       

 remote address pool 1                   

interface aux0                           

 async mode flow                         

interface ethernet0/0                    

 ip address 12.1.1.1 255.255.255.0       

 firewall packet-filter 3001 outbound    

interface ethernet0/1                     

 ip address 1.1.1.1 255.255.255.0        

 nat outbound 3000                       

interface null0                          

l2tp-group 1                             

 allow l2tp virtual-template 0           

 telnet source-ip 12.1.1.1               

user-interface con 0                     

user-interface aux 0                     

user-interface vty 0 4                   

 authentication-mode scheme              

return