华为路由器L2TP VPN配置案例.doc

华为 L2TP VPN Config更新时间: 2007-11-20 18:44:30 作者： 整理自互联网关键词： 华为 华为技术 华为交换机 华为路由器 Quidwaydis cu         #sysname Quidway#l2tp enable#local-user admin password simple adminlocal-user admin service-type telnetlocal-user admin level 3local-user vpdnuser password simple userlocal-user vpdnuser service-type ppplocal-user vpdnuser1 password simple user1local-user vpdnuser1 service-type ppplocal-user vpdnuser2 password simple user2local-user vpdnuser2 service-type ppplocal-user vpdnuser3 password simple user3local-user vpdnuser3 service-type ppplocal-user vpdnuser4 password simple user4local-user vpdnuser4 service-type ppplocal-user vpdnuser5 password simple user5local-user vpdnuser5 service-type ppplocal-user vpdnuser6 password simple user6local-user vpdnuser6 service-type ppplocal-user vpdnuser7 password simple user7local-user vpdnuser7 service-type ppp local-user vpdnuser8 password simple user8local-user vpdnuser8 service-type ppplocal-user vpdnuser9 password simple user9local-user vpdnuser9 service-type ppplocal-user vpdnuser10 password simple user10local-user vpdnuser10 service-type ppplocal-user quidway password simple guofenglocal-user quidway service-type terminal telnetlocal-user quidway level 3#ip pool 1 192.168.1.2 192.168.1.100#aaa enable#ip host 61.172.201.239#firewall enable#isp domain dns primary 202.102.192.68dns secondary 202.102.199.68#interface Virtual-Template1 ppp authentication-mode papip address 192.168.1.1 255.255.255.0remote address pool 1#interface Aux0async mode flowlink-protocol ppp#interface Ethernet0/0ip address 218.22.38.xx 255.255.255.0firewall packet-filter 3001 inboundfirewall packet-filter 3001 outboundnat outbound 2001nat server protocol tcp global 218.22.38.210 www inside 192.168.0.59 www#interface Ethernet0/1ip address 192.168.0.2 255.255.255.0#interface NULL0#acl number 2001rule 0 permit source 192.168.0.0 0.0.0.255#acl number 3001rule 0 deny tcp destination-port eq 135rule 1 deny tcp destination-port eq 139rule 2 deny tcp destination-port eq 4444rule 3 deny tcp destination-port eq 5554rule 4 deny udpdestination-port eq tftprule 6 deny tcp source-port eq 5554 destination-port eq 9995rule 7 deny tcp source-port eq 5554 destination-port eq 9996rule 9 deny tcp destination-port eq 136rule 10 deny tcp destination-port eq 138rule 13 deny udp destination-port eq 135rule 14 deny udp destination-port eq 136rule 15 deny udp destination-port eq 389rule 16 deny udp destination-port eq 445rule 17 deny tcp destination-port eq 4899rule 18 deny tcp destination-port eq sunrpcrule 19 deny tcp destination-port eq 6588rule 20 deny tcp destination-port eq 1978rule 21 deny tcp destination-port eq 593rule 22 deny tcp destination-port eq 3389rule 23 deny tcp destination-port eq 137rule 24 deny udp destination-port eq snmprule 26 deny tcp destination-port eq 445rule 27 deny tcp destination-port eq 2745rule 28 deny tcp destination-port eq 1080rule 29 deny tcp destination-port eq 6129rule 30 deny tcp destination-port eq 3127rule 31 deny tcp destination-port eq 3128rule 32 deny udp destination-port eq netbios-dgmrule 33 deny udp destination-port eq netbios-nsrule 34 deny tcp destination-port eq 5800rule 35 deny tcp destination-port eq 6667rule 36 deny tcp destination-port eq 1025rule 38 deny tcp destination-port eq 1068rule 39 deny tcp destination-port eq 9995rule 40 deny udp destination-port eq netbios-ssnrule 41 deny tcp destination-port eq 539rule 42 deny udp destination-port eq 539rule 43 deny udp destination-port eq 1434rule 44 deny udp destination-port eq 593#l2tp-group 1undo tunnel authenticationmandatory-lcpallow l2tp virtual-template 1 #ip route-static 0.0.0.0 0.0.0.0 218.22.38.209 preference 60#snmp-agentsnmp-agent local-engineid 000007DB7F000001000075A7snmp-agent sys-info version v3#user-interface con 0authentication-mode localuser-interface aux 0user-interface vty 0 4authentication-mode local#returnAcknowledgements My deepest gratitude goes first and foremost to Professor aaa , my supervisor, for her constant encouragement and guidance. She has walked me through all the stages of the writing of this thesis. Without her consistent and illuminating instruction, this thesis could not havereached its present form. Second, I would like to express my heartfelt gratitude to Professor aaa, who led me into the world of translation. I am also greatly indebted to the professors and teachers at the Department of English: Professor dddd, Professor ssss, who have instructed and helped me a lot in the past two years. Last my thanks would go to my beloved family for their loving considerations and great confidence in me all through these years. I also owe my sincere gratitude to my friends and my fellow classmates who gave me their help and time in listening to me and helping me work out my problems during the difficult course of the thesis. My deepest gratitude goes first and foremost to Professor aaa , my supervisor, for her constant encouragement and guidance. She has walked me through all the stages of the writing of this thesis. Without her consistent and illuminating instruction, this thesis could not havereached its present form. Second, I would like to express my heartfelt gratitude to Professor aaa, who led me into the world of translation. I am also greatly indebted to the professors and teachers at the Department of English: Professor dddd, Professor ssss, who have instructed and helped me a lot in the past two years. Last my thanks would go to my beloved family for their loving considerations and great confidence in me all through these years. I also owe my sincere gratitude to my friends and my fellow classmates who gave me their help and time in listening to me and helping me work out my problems during the difficult course of the thesis.