实验三十九、×××(L2TP/PPTP)的配置

一、 实验目的

1. 掌握二层协议建立××× 的配置

2. 理解L2TP 与PPTP 原理

二、 应用环境

L2TP 和PPTP 为移动用户和分支机构连入总部提供了安全保证。

三、 实验设备

1. DCR-1751 一台

2. PC 机 一台

四、 实验拓扑

实验三十九、×××(L2TP/PPTP)的配置_PPTP

五、 实验要求

配置表

Router-A Router-B

S1/1 192.168.1.1/24 S1/0 192.168.1.2/24

F0/0 192.168.0.0/24 F0/0 192.168.2.1/24

结果:

在路由器A 与B 之间建立×××,保护从A 到B 的数据

六、 实验步骤

第一步:参照实验三和上表配置接口地址并测试连通性

第二步:路由器A 的配置

Router-A#conf Router-A_config#int virtual-tunnel 0

Router-A_config_vn0#ip address 172.16.1.2 255.255.255.0

Router-A_config_vn0#ppp chap host test@dcn.net

Router-A_config_vn0#ppp chap password 1234

Router-A_config_vn0#exit

Router-A_config#vpdn enable

Router-A_config#vpdn-group 0

Router-A_config_vpdn#request-dialin

Router-A_config_vpdn#initiate-to ip 192.168.1.2 priority 1

Router-A_config_vpdn#protocol l2tp

Router-A_config_vpdn#domain dcn.net

Router-A_config_vn0#exit

Router-A_config#ip route 192.168.2.0 255.255.255.0 virtual-tunnel 0

第三步:查看路由器A 的配置

Router-A#sh l2tp tunnel

L2TP Tunnel Information:

No active tunnels

Router-A#sh l2tp session

L2TP Session Information:

No active sessions

Router-A#sh int virtual-tunnel 0

Virtual-tunnel0 is up, line protocol is down

Hardware is Unknown device

Interface address is 172.16.1.2/24

MTU 1500 bytes, BW 100000 kbit, DLY 10000 usec

Encapsulation PPP, loopback not set

Keepalive set(10 sec)

LCP Listening -- waiting for remote host to attempt open

IPCP Listening -- waiting for remote host to attempt open

local IP address: 172.16.1.2 remote IP address: 0.0.0.

第四步:路由器B 的配置

Router-B#conf

Router-B_config#user test@dcn.net password 0 1234

Router-B_config#ip local pool l2tppool 172.16.1.10 10

Router-B_config#int virtual-template 0

Router-B_config_vt0#ip address 172.16.1.1 255.255.255.0

Router-B_config_vt0#ppp authen chap

Router-B_config_vt0#peer default ip address pool l2tppool

Router-B_config_vt0#exit

Router-B_config#vpdn enable Router-B_config#vpdn-group 0

Router-B_config_vpdn#accept-dialin

Router-B_config_vpdn#protocol l2tp

Router-B_config_vpdn#lcp-renegotiation

Router-B_config_vpdn#virtual-template 0

Router-B_config_vpdn#exit

Router-B_config#ip route 192.168.0.0 255.255.255.0 171.16.1.2

Router-B_config#^Z

第五步:查看B 的配置

Router-B# sh run

Building configuration...

Current configuration:

!

!version 1.3.2E

service timestamps log date

service timestamps debug date

no service password-encryption

!

hostname Router-B

!

ip host a 192.168.1.1

ip host c 192.168.2.2

!

!

!

!

ip local pool l2tppool 172.16.1.10 10

!

username test@dcn.net password 0 1234

!

!

!

interface Virtual-template0

ip address 172.16.1.1 255.255.255.0

no ip directed-broadcast

ppp authentication chap

peer default ip address pool l2tppool

!

interface FastEthernet0/0

ip address 192.168.2.1 255.255.255.0

no ip directed-broadcast

! interface Serial1/0

ip address 192.168.1.2 255.255.255.0

no ip directed-broadcast

!

interface Async0/0

no ip address

no ip directed-broadcast

!

!

!

!

ip route 192.168.0.0 255.255.255.0 171.16.1.2

!

!

!

!

!

!

!

!

vpdn enable

!

vpdn-group 0

accept-dialin

lcp-renegotiation

protocol l2tp

local-name Digitalchina

virtual-template 0

第五步:测试

实验三十九、×××(L2TP/PPTP)的配置_VPN_02