华为认证: L2TP VPN 配置

企业动态
以下是华为认证: L2TP VPN 配置。

[Quidway]discu

#

sysnameQuidway

#

l2tpenable

#

local-useradminpasswordsimpleadmin

local-useradminservice-typetelnet

local-useradminlevel3

local-uservpdnuserpasswordsimpleuser

local-uservpdnuserservice-typeppp

local-uservpdnuser1passwordsimpleuser1

local-uservpdnuser1service-typeppp

local-uservpdnuser2passwordsimpleuser2

local-uservpdnuser2service-typeppp

local-uservpdnuser3passwordsimpleuser3

local-uservpdnuser3service-typeppp

local-uservpdnuser4passwordsimpleuser4

local-uservpdnuser4service-typeppp

local-uservpdnuser5passwordsimpleuser5

local-uservpdnuser5service-typeppp

local-uservpdnuser6passwordsimpleuser6

local-uservpdnuser6service-typeppp

local-uservpdnuser7passwordsimpleuser7

local-uservpdnuser7service-typeppp

local-uservpdnuser8passwordsimpleuser8

local-uservpdnuser8service-typeppp

local-uservpdnuser9passwordsimpleuser9

local-uservpdnuser9service-typeppp

local-uservpdnuser10passwordsimpleuser10

local-uservpdnuser10service-typeppp

local-userquidwaypasswordsimpleguofeng

local-userquidwayservice-typeterminaltelnet

local-userquidwaylevel3

#

ippool1192.168.1.2192.168.1.100

#

aaaenable

#

iphost61.172.201.239

#

firewallenable

#

ispdomainsina.com.cn

dnsprimary202.102.192.68

dnssecondary202.102.199.68

#

interfaceVirtual-Template1

pppauthentication-modepap

ipaddress192.168.1.1255.255.255.0

remoteaddresspool1

#

interfaceAux0

asyncmodeflow

link-protocolppp

#

interfaceEthernet0/0

ipaddress218.22.38.xx255.255.255.0

firewallpacket-filter3001inbound

firewallpacket-filter3001outbound

natoutbound2001

natserverprotocoltcpglobal218.22.38.210wwwinside192.168.0.59www

#

interfaceEthernet0/1

ipaddress192.168.0.2255.255.255.0

#

interfaceNULL0

#

aclnumber2001

rule0permitsource192.168.0.00.0.0.255

#

aclnumber3001

rule0denytcpdestination-porteq135

rule1denytcpdestination-porteq139

rule2denytcpdestination-porteq4444

rule3denytcpdestination-porteq5554

rule4denyudpdestination-porteqtftp

rule6denytcpsource-porteq5554destination-porteq9995

rule7denytcpsource-porteq5554destination-porteq9996

rule9denytcpdestination-porteq136

rule10denytcpdestination-porteq138

rule13denyudpdestination-porteq135

rule14denyudpdestination-porteq136

rule15denyudpdestination-porteq389

rule16denyudpdestination-porteq445

rule17denytcpdestination-porteq4899

rule18denytcpdestination-porteqsunrpc

rule19denytcpdestination-porteq6588

rule20denytcpdestination-porteq1978

rule21denytcpdestination-porteq593

rule22denytcpdestination-porteq3389

rule23denytcpdestination-porteq137

rule24denyudpdestination-porteqsnmp

rule26denytcpdestination-porteq445

rule27denytcpdestination-porteq2745

rule28denytcpdestination-porteq1080

rule29denytcpdestination-porteq6129

rule30denytcpdestination-porteq3127

rule31denytcpdestination-porteq3128

rule32denyudpdestination-porteqnetbios-dgm

rule33denyudpdestination-porteqnetbios-ns

rule34denytcpdestination-porteq5800

rule35denytcpdestination-porteq6667

rule36denytcpdestination-porteq1025

rule38denytcpdestination-porteq1068

rule39denytcpdestination-porteq9995

rule40denyudpdestination-porteqnetbios-ssn

rule41denytcpdestination-porteq539

rule42denyudpdestination-porteq539

rule43denyudpdestination-porteq1434

rule44denyudpdestination-porteq593

#

l2tp-group1

undotunnelauthentication

mandatory-lcp

allowl2tpvirtual-template1

#

iproute-static0.0.0.00.0.0.0218.22.38.209preference60

#

snmp-agent

snmp-agentlocal-engineid000007DB7F000001000075A7

snmp-agentsys-infoversionv3

#

user-interfacecon0

authentication-modelocal

user-interfaceaux0

user-interfacevty04

authentication-modelocal

#

return

WINDOWS客户端需要配置禁用IPSEC加密:

修改注册表:HKEY_LOCAL_MACHINE“SYSTEM“CurrentControlSet“Services“RasMan“Parameters

下修改ProhibitIPSec,值为,1.

如果没有此键,请自行创建

 

【编辑推荐】

  1. 华为认证:Display interface的显示信息详解
  2. 华为认证:网络互联专家HSE知识点大集合四
  3. 华为认证技巧心得之考前心理调整
责任编辑:张攀 来源: 考试吧
相关推荐

2014-11-17 15:47:51

2010-08-09 14:03:38

路由器L2TP配置

2009-02-20 12:33:56

SUSE控制服务器案例

2011-11-07 13:54:51

PPTPVPNL2TP

2009-12-30 15:29:16

2009-09-03 10:29:15

思科VPN详解

2011-06-01 10:22:30

2011-04-19 09:36:37

Chrome OS

2011-04-28 11:34:04

2009-12-31 10:23:51

2015-03-04 10:50:08

2009-12-29 14:04:05

L2VPN

2012-09-28 09:44:32

2011-03-30 13:21:17

2011-08-24 10:31:01

网络协议SLIPPPP

2011-11-29 16:08:30

IPsec VPN

2012-09-27 09:51:00

2010-08-19 11:54:38

思科华为认证

2011-11-29 14:50:19

IPSecVPN

2011-03-08 11:29:58

点赞
收藏

51CTO技术栈公众号