Method used to configure the L2TP-based access to the L3 VPN on the USG2000 and USG5000

The method used to configure the L2TP-based access to the L3 VPN on the USG2000 and USG5000 is as follows:
Most carriers adopt the MPLS VPN networking. However, the MPLS VPN cannot satisfy special requirements. For example:
a. A user is served by a VPN and needs to access resources in another VPN.
b. The carrier provides a shared LNS to enterprise users who use the MPLS VPN. Mobile users of the enterprise access the enterprise intranet over the LNS. The LNS is shared by multiple enterprise users. Therefore, the LNS needs to access different users to the corresponding VPNs.
Procedure
1. Configure the LAC.
a. Set the user name and password.
b. Create two zones.
c. Configure the domain name suffix separator.
[LAC] l2tp domain suffix-separator @
d. Create the virtual interface template and bind it with the interface.
e. Set two L2TP groups and configure the related attributes.
2. Configure the LNS.
a. Create two VPN instances vpna and vpnb.
b. Configure an interface connected to enterprise network A, and bind the interface with vpna.
c. Configure an interface connected to enterprise network B, and bind the interface with vpnb.
d. Create the authentication scheme.
e. Configure the RADIUS template.
f. Configure the domain name suffix separator.
[LNS] l2tp domain suffix-separator @
g. Create two Virtual-Template templates bound with vpna and vpnb.
h. Create two zones and bind the zones to the corresponding virtual templates and address pools.
i. Create two L2TP groups.

Scroll to top