How to configure an S series switch that connects to router and users if the users use dial-up access

12

When an S series switch connects to router and users and the users use dial-up access, PPPoE dial-up needs to be configured only on the router rather than the switch.
The switch only needs to forward user packets to the router through the Layer 2 network. VLANs do not need to be configured. In this case, all users belong to the default VLAN VLAN 1. VLANs can also be configured to separate users.
For specific VLAN configuration, see "Common VLAN Operations" in S12700 Common Operation Guide

Other related questions:
Method used to configure the L2TP over IPSec dial-up access for iPhone and Mac users on the USG2000 and USG5000
The method used to configure the L2TP over IPSec dial-up access for iPhone and Mac users on the USG2000 and USG5000 is as follows: 1. The configuration on the iPhone is as follows: Choose Settings > General > Network > VPN. Select Add VPN Configuration. On the Add Configuration screen, select L2TP from Type. Set the L2TP options as follows: Description: L2TP VPN description. In this example, it can be set to any value. Server: L2TP VPN server address. In this example, it is set to 188.135.3.146, that is, the IP address of the firewall. Account: L2TP user name. It is set to the user name configured for the AAA on the firewall. RSA SecurID: It determines whether to perform verification using the RSA ID. In this example, it is disabled. Password: Password of the L2TP user. It is consistent with the user name. Secret: Exchange key of the L2TP VPN, that is, the pre-shared key in the IKE. In this example, it is set to nawras. Send All Traffic: It is enabled, so that all traffic is transmitted over the VPN. IPSec configuration: Generally, after you configure the L2TP options, the IPSec options are automatically filled in by the system. If not, fill in the options as follows: Description: VPN description. In this example, it can be set to any value. Server: IP address of the firewall interface. In this example, it is set to 188.135.3.146. Account: L2TP user name. It is set to the user name configured for the AAA on the firewall. Password: Password of the L2TP user. It is consistent with the user name. User Certificate: The certificate is not required. This option is unavailable. Group Name: The group name is not required. It can be left blank. Secret: Pre-shared key in the IKE. In this example, it is set to nawras. 2. Configuration on the Mac OS: a. VPN configuration on the Mac PC: The IKE negotiation is set to the main mode. The encryption algorithm for the IKE negotiation is set to 3DES. The authentication algorithm is set to SHA-1. The authentication method is set to PRE-SHARED-KEY (PSK). The IPSec negotiation is set to transport mode. The IPSec encryption algorithm is set to 3DES. The IPSec authentication algorithm is set to MD5. b. Configuration procedure: Click Network. Click "+" in the lower left corner, and create a new service. Set VPN Type to L2TP over IPSec and Service Name to any value, for example, VPN (L2TP). Set Service Address to the interface IP address of the firewall, and Account Name to the L2TP user name that must have been configured for the AAA. Then, click Authentication Setting. Set password to the password of the L2TP user, and Shared Secret to the pre-shared key in the IKE peer, for example, nawras. After the parameters are set, click OK. Then, click Apply in the lower right corner to validate the settings. If the VPN connection is required, click Connect. The system automatically initiates the L2TP over IPSec negotiation. After the connection is established, the current state is displayed as Connected. A new IP address is allocated, that is, allocated by the L2TP.

AR router troubleshooting guide: An AR router cannot access the Internet through PPPoE dial-up connections
For the problem that an AR router cannot access the Internet through PPPoE dial-up connections, see the troubleshooting guide. For details, access the URL in the right column.

How do I assign DNS to L2TP dial-up users
You can use either of the following methods: -Use the DNS server address specified in the address pool. 1.Create an address pool and specify the DNS server address in the address pool. system-view [sysname] ip pool l2tp_pool [sysname-pool-l2tp_pool] section 0 1.1.1.1 1.1.1.10 [sysname-pool-l2tp_pool] dns-list 2.2.2.1 //Change the DNS server address to the actual address. [sysname-pool-l2tp_pool] quit 2.Create a service scheme and reference the address pool.[sysname] aaa [sysname-aaa] service-scheme srvscheme1 [sysname-aaa-service-srvscheme1] ip-pool l2tp_pool //Change the DNS server address to the actual address. 3.Reference the service scheme in the authentication domain. system-view [sysname] aaa [sysname-aaa] domain domain1 //Change the authentication domain to the one used when you configure L2TP. [sysname-aaa-domain1] service-scheme srvscheme1 -Use the DNS server address specified in the service scheme. 1.Create a service scheme. system-view [sysname] aaa [sysname-aaa] service-scheme srvscheme1 [sysname-aaa-service_srvscheme1] dns 2.2.2.1 //Change the DNS server address to the actual address. 2.Reference the service scheme in the authentication domain. system-view [sysname] aaa [sysname-aaa] domain domain1 //Change the authentication domain to the one used when you configure L2TP. [sysname-aaa-domain-domain1] service-scheme srvscheme1 //Reference the service scheme in the authentication domain. If DNS server addresses are specified in both the address pool and service scheme, the DNS server address specified in the address pool is preferentially used.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top