H3C MSR 3620基础上网及L2TP配置
配置思路:
启用---建用户给域---建域给虚模板接口--域给虚模板接口---虚模板接口给L2tp组
l2tp enable
local-user admin class network
password simple admin
service-type ppp
domain abc
authentication ppp local
interface Virtual-Template1
ppp authentication-mode chap domain abc
remote address 192.168.20.2
ip address 192.168.20.1 255.255.255.0
l2tp-group 1 mode lns
allow l2tp virtual-template 1
undo tunnel authentication
tunnel name LNS大写
===================================
[MSR3620]dis cur
#
version 7.1.049, Release 0106P21
#
sysname MSR3620
#
dhcp enable
#
password-recovery enable
#
vlan 1
#
dhcp server ip-pool pool11
network 192.168.11.0 mask 255.255.255.0
address range 192.168.11.100 192.168.11.200
dns-list 202.99.166.4
gateway-list 192.168.11.1
#
controller Cellular0/0
#
controller Cellular0/1
#
interface Aux0
#
interface Virtual-Template1--------------------(2)创建并进入虚模板接口1,配本地IP,远端IP(PPP用户的IP),PPP认证方式为chap并工作在名为abc的域********
ppp authentication-mode chap domain abc
remote address 192.168.20.2
ip address 192.168.20.1 255.255.255.0
#
interface NULL0
#
interface GigabitEthernet0/0
port link-mode route
combo enable copper
ip address 172.16.11.200 255.255.255.0
nat outbound
#
interface GigabitEthernet0/1
port link-mode route
#
interface GigabitEthernet0/2
port link-mode route
ip address 192.168.11.1 255.255.255.0
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-admin
#
line vty 0 63
user-role network-operator
#
ip route-static 0.0.0.0 0 172.16.11.254
#
domain abc--------------------------(1)创建并进入名为abc的域,为在虚模板接口virtual-template 1处认证配置处引用*************
authentication ppp local-----------对PPP用户采取本地认证
#
domain system
#
aaa session-limit ftp 32
aaa session-limit telnet 32
aaa session-limit http 32
aaa session-limit ssh 32
aaa session-limit https 32
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class network------------(0)创建并进入本地用户用于远端L2TP拨号时的用户名和密码
password cipher admin//////////////$c$3$vxTKs5M4PsMkgGqspKJ6nkZvHuMM/l2u------配
service-type ppp--------------------------------------------------------------配
authorization-attribute user-role network-operator----------------------------默认
#
local-user h3c class network
password cipher $c$3$vqedKIgWBgpbwxyyVSgJ6guEj3njpg==
service-type ppp
authorization-attribute user-role network-operator
#
l2tp-group 1 mode lns-----------------(3)创建并进入编号为1的模式为lns的组*************************
allow l2tp virtual-template 1---允许(指定)接收拨号呼叫的虚拟模板接口为VT1
undo tunnel authentication---取消隧道认证
tunnel name LNS---隧道名
#
l2tp enable---(00)启用l2tp协议**********************************
#
return
[MSR3620]dis l2tp tunnel
LocalTID RemoteTID State Sessions RemoteAddress RemotePort RemoteName
61993 10 Established 1 172.16.11.22 1701 User-2021DH
RAIW
[MSR3620]dis l2tp session
LocalSID RemoteSID LocalTID State
46887 1 61993 Established
[MSR3620]dis version
H3C Comware Software, Version 7.1.049, Release 0106P21
Copyright (c) 2004-2014 Hangzhou H3C Tech. Co., Ltd. All rights reserved.
H3C MSR36-20 uptime is 0 weeks, 0 days, 3 hours, 11 minutes
Last reboot reason : Power on
Boot image: cfa0:/msr36-cmw710-boot-r0106p21.bin
Boot image version: 7.1.049P16, Release 0106P21
Compiled Jan 07 2015 18:16:01
System image: cfa0:/msr36-cmw710-system-r0106p21.bin
System image version: 7.1.049, Release 0106P21
Compiled Jan 07 2015 18:16:01
CPU ID: 0x2
2G bytes DDR3 SDRAM Memory
8M bytes Flash Memory
PCB Version: 2.0
CPLD Version: 2.0
Basic BootWare Version: 1.42
Extended BootWare Version: 1.42
[SLOT 0]AUX (Hardware)2.0, (Driver)1.0, (CPLD)2.0
[SLOT 0]GE0/0 (Hardware)2.0, (Driver)1.0, (CPLD)2.0
[SLOT 0]GE0/1 (Hardware)2.0, (Driver)1.0, (CPLD)2.0
[SLOT 0]GE0/2 (Hardware)2.0, (Driver)1.0, (CPLD)2.0
[SLOT 0]CELLULAR0/0 (Hardware)2.0, (Driver)1.0, (CPLD)2.0
[SLOT 0]CELLULAR0/1 (Hardware)2.0, (Driver)1.0, (CPLD)2.0
[MSR3620]quit
<MSR3620>quit
%Jan 7 12:58:41:650 2022 MSR3620 SHELL/5/SHELL_LOGOUT: TTY logg
******************************************************************************
* Copyright (c) 2004-2014 Hangzhou H3C Tech. Co., Ltd. All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
******************************************************************************
Line aux0 is available.
Press ENTER to get started.
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 开源Multi-agent AI智能体框架aevatar.ai,欢迎大家贡献代码
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY