Configuration L2TP via LTE port.

Latest reply: Oct 30, 2018 09:22:53 422 10 10 0

【Problem Description】

 


Customer want configuration L2TP between two AR,The topology as follow:

 


PC1---AR-1(LTE Port) ---internet---Third-part USG--AR-2 ----PC2

 


AR 1 is LTE port and as a LAC.

AR 2 is LNS with private network address.

 


【Problem Analysis】

 

Analysis the topology AR1 with LTE port this is a dynamic ip address so it should working as LAC

 

 

AR2 in private network so it should working as LNS.

 


The Third-part USG should configuration the NAT server that mapping the public ip address to AR2 private address with UDP port 1701

 


【Solution Description】

 


AR1 LAC Configuration

#

l2tp enable

#

acl number 3002                                                               

 rule 5 permit ip

#

dialer-rule

dialer-rule 1 ip permit

#

apn profile lteprofile     

 apn ltenet                                                   //sim APN Configuration

#

interface Virtual-Template1

ppp chap user huawei

ppp chap password cipher huawei123

ip address ppp-negotiate

l2tp-auto-client enable

#

interface Cellular0/0/0                      //WAN Port Configuration

dialer enable-circular

dialer-group 1

apn-profile lteprofile

dialer number *99# autodial

nat outbound 3002 

 ip address negotiate

#

interface GigabitEthernet2/0/0                 //LAN Port Configuration

ip address 192.168.10.1 255.255.255.0

#

l2tp-group 1

tunnel password cipher huawei123

tunnel name lac

start l2tp ip 202.1.1.1 fullusername huawei                    //Third-part USG WAN ip adress is 202.1.1.1

#

ip route-static 192.168.2.0 255.255.255.0 Virtual-Template1

ip route-static 0.0.0.0 0.0.0.0 Cellular0/0/0

#

return

 

 

AR2 LNS Configuration

#

l2tp enable

#

ip pool 1

network 192.168.1.0 mask 255.255.255.0

gateway-list 192.168.1.1

#

aaa

local-user huawei password cipher huawei123

local-user huawei privilege level 0

local-user huawei service-type ppp

#

interface Virtual-Template1

ppp authentication-mode chap

remote address pool 1

ip address 192.168.1.1 255.255.255.0

#

interface GigabitEthernet1/0/0                           //WAN Port connect to Third-part USG

ip address 192.168.100.1 255.255.255.0

#

interface GigabitEthernet2/0/0                           //LAN Port Configuration

ip address 192.168.2.1 255.255.255.0

#

l2tp-group 1

allow l2tp virtual-template 1 remote lac

tunnel password cipher huawei123

tunnel name lns

#

ip route-static 192.168.10.0 255.255.255.0 Virtual-Template1

ip route-static 0.0.0.0 0.0.0.0 192.168.100.2

#

return

 

 

 

 

 

 

  • x
  • convention:

Finn92
Created Oct 27, 2018 07:55:18 Helpful(0) Helpful(0)

can you explain the root casue too , it's very helpful for location issue .

I am very interested for this sharing , which is very helpful to our daily work. I have the similar problems in my daily troubleshooting, but I do not know how to deal with them. Now I have a clear idea. Thank you very much for your post. Hope you can update continue like this , thank you very much .

This post was last edited by Finn92 at 2018-10-31 08:56.
  • x
  • convention:

GongXiaochuan
Created Oct 27, 2018 07:55:21 Helpful(0) Helpful(0)

very good explain steps by steps for us ,thank you sharing

This post was last edited by GongXiaochuan at 2018-10-30 06:27.
  • x
  • convention:

Good Good Study Day Day Up
Torrent
Created Oct 27, 2018 07:56:54 Helpful(0) Helpful(0)

hello, Brother!  can I ask a question, what is LTE port? what is the difference about LTE port from WLAN? usually we use traditional port wan to configure L2TP, but this article show us a good example about how to configure L2TP with LTE port. thanks very much.Configuration L2TP via LTE port.-2787437-1 This post was last edited by Torrent at 2018-10-31 06:16.
  • x
  • convention:

Skay
Created Oct 27, 2018 07:57:30 Helpful(0) Helpful(0)

Thanks for you sharing ,which is very helpful to our daily troubleshooting. I always have similar problems in my daily work, but I do not know how to deal with them. Now I have a clear idea. Thank you very much for your sharing. Hope you can update continue like this
  • x
  • convention:

littlestone
Created Oct 27, 2018 07:59:40 Helpful(0) Helpful(0)

The EAP relay can be configured for 802.1x users only when RADIUS authentication is used.

If AAA local authentication is used, the authentication mode for 802.1x users can only be set to EAP termination.

Because mobile phones do not support EAP termination mode (PAP and CHAP), the 802.1x authentication + local authentication mode cannot be configured for mobile phones. Terminals such as laptop computers support EAP termination mode only after having third-party clients installed

 

This post was last edited by littlestone at 2018-10-30 01:44.
  • x
  • convention:

yangyong
Created Oct 27, 2018 08:02:37 Helpful(0) Helpful(0)

From your sharing I cannot understand the detail, could you share more about this case? Please share the detail configuration of the devices, network topology and detail requirement. With these information we can understand your point more easy. Thank you for your hard working! Look forward your detail sharing. This post was last edited by yangyong at 2018-10-30 13:05.
  • x
  • convention:

No.9527
Created Oct 27, 2018 08:07:29 Helpful(0) Helpful(0)

An L2TP server is deployed in the headquarters and functions as the gateway.

After receiving user information from an L2TP client, the L2TP server authenticates the user and responds to the L2TP tunnel setup request from the L2TP client. Then an L2TP connection is set up between the L2TP server and the L2TP client.

This post was last edited by No.9527 at 2018-10-31 03:44.
  • x
  • convention:

faysalji
Created Oct 27, 2018 17:24:43 Helpful(0) Helpful(0)

Thanks for sharing the case
  • x
  • convention:

If you think my post/reply is useful, please click the Helpful button and flag my post as a BEST ANSWER. Thanks
faysalji
Created Oct 27, 2018 17:26:12 Helpful(0) Helpful(0)

Configuration L2TP via LTE port.-2787997-1
  • x
  • convention:

If you think my post/reply is useful, please click the Helpful button and flag my post as a BEST ANSWER. Thanks
12
Back to list

Reply

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login