Method used to configure the L2TP user name and password on the USG6000

The L2TP user name and password can be configured as follows:

Configure the L2TP user name and password using the CLI:
1. Set the user name and password (consistent with those set on the LAC), and bind the user with the authentication domain.
a. Configure the authentication domain for the L2TP user.
[LNS] aaa
[LNS-aaa] domain domain1.com
[LNS-aaa-domain-domain1.com] quit
[LNS-aaa] quit
b. Configure the L2TP user.
[LNS] user-manage user vpdnuser domain domain1.com
[LNS-localuser-vpdnuser@domain1.com] password Password1
[LNS-localuser-vpdnuser@domain1.com] quit
2. Enable the L2TP.
[LNS] l2tp enable
3. Create and configure the L2TP group.
[LNS] l2tp-group 1
[LNS-l2tp1] tunnel name LNS
[LNS-l2tp1] allow l2tp virtual-template 1 remote LAC
[LNS-l2tp1] tunnel authentication
[LNS-l2tp1] tunnel password cipher Password1
[LNS-l2tp1] quit
4. Configure the address pool allocated to the user.
[LNS] aaa
[LNS-aaa] domain domain1.com
[LNS-aaa-domain-domain1.com] ip pool 1 192.168.0.2 192.168.0.100
[LNS-aaa-domain-domain1.com] quit
[LNS-aaa] quit

Configure the L2TP user name and password using the web UI:
1. Configure the L2TP user.
a. Choose Object > User > User/Group.
b. Select the default authentication domain.
c. In Member Management, click New and select New User. Configure parameters as follows:
User name: pc1
Password: Password1
Confirm password: Password1
d. Click OK.
2. Configure the L2TP parameters.
a. Choose Network > L2TP > L2TP.
b. In Configure L2TP, select Enable and click Apply.
c. In L2TP Group List, click New.
d. Set Group Type to LNS.
e. Configure the L2TP parameters.
The server address shall be in the same network segment as the address in the address pool. In this way, you do not need to configure a route. Peer Tunnel Name must be consistent with Local Tunnel Name configured on the LAC.
Group Type: LNS
Peer Tunnel Name: LAC
Tunnel Password Authentication: Enable
Password Type: Ciphertext
Tunnel password: Hello123
Confirm Tunnel password: Hello123
User Group: default

Set the user address allocation parameters as follows:
Server Address/Subnet Mask: 10.2.1.1/255.255.255.0
User Address Pool: 10.2.1.2-10.2.1.100
f. Click OK.

Scroll to top