Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

MSR930 (JG512A) L2TP client initiated VPN

 
JanezKovacic
Occasional Contributor

MSR930 (JG512A) L2TP client initiated VPN

Hi!

Can someone help me with L2TP client initiated VPN connection configuration.

I would like to make VPN connection from PC to MSR930 router

I've followed MSR guide and can't make it work.

This is my configuration:

 sysname HP930-Router
#
 clock timezone Belgrade add 01:00:00
#
 l2tp enable
#
 firewall enable
#
 domain default enable system
#
 dar p2p signature-file flash:/p2p_default.mtd
#
 port-security enable
#
 undo ip http enable
#
 wlan country-code SI
#
 password-recovery enable
#
vlan 1
 description *Local LAN*
#
domain system
 authentication ppp local
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
 ip pool 1 192.168.50.2 192.168.50.10
#
dhcp server ip-pool lan extended
 network ip range 192.168.5.101 192.168.5.150
 network mask 255.255.255.0
 gateway-list 192.168.5.1
 dns-list 193.189.160.13 193.189.160.23
#
aspf-policy 1
 detect HTTPS
 detect HTTP
 detect TCP
 detect UDP
#
user-group system
 group-attribute allow-guest
#
local-user admin
 password cipher ***
 authorization-attribute level 3
 service-type ssh telnet terminal
 service-type ppp
 service-type web
#
wlan rrm
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#
wlan service-template 1 crypto
 ssid Kovacic WiFi
 cipher-suite ccmp
 security-ie rsn
 service-template enable
#
cwmp
 undo cwmp enable
#
l2tp-group 1
 undo tunnel authentication
 allow l2tp virtual-template 0
#
interface Aux0
 async mode flow
 link-protocol ppp
#
interface Cellular0/0
 async mode protocol
 link-protocol ppp
#
interface Dialer10
 description *PPPoE SIOL*
 nat outbound
 link-protocol ppp
 ppp chap user ***
 ppp chap password cipher***
 ppp pap local-user fkovac20 password cipher ***
 ppp ipcp dns admit-any
 ppp ipcp dns request
 mtu 1492
 ip address ppp-negotiate
 tcp mss 1024
 dialer user username
 dialer-group 10
 dialer bundle 10
#
interface Virtual-Template0
 ppp authentication-mode chap domain system
 ppp ipcp remote-address forced
 remote address pool 1
 ip address 192.168.50.1 255.255.255.0
#
interface NULL0
#
interface Vlan-interface1
 description *Local LAN*
 ip address 192.168.5.1 255.255.255.0
 tcp mss 1350
 dhcp server apply ip-pool lan
 ip virtual-reassembly
#
interface GigabitEthernet0/0
 port link-mode route
 description *WAN*
 nat outbound
 pppoe-client dial-bundle-number 10
 ip virtual-reassembly
#
interface GigabitEthernet0/1
 port link-mode bridge
#
interface GigabitEthernet0/2
 port link-mode bridge
#
interface GigabitEthernet0/3
 port link-mode bridge
#
interface GigabitEthernet0/4
 port link-mode bridge
#
interface WLAN-BSS1
 description *Home WiFi*
 port-security port-mode psk
 port-security tx-key-type 11key
 port-security preshared-key pass-phrase cipher $c$3$8DW6BLwfI4fLYwF2Xu7geciO4jfCwP4J3zD7CN20
#
interface WLAN-BSS32
 description *Home WiFi*
 port-security port-mode psk
 port-security tx-key-type 11key
 port-security preshared-key pass-phrase cipher $c$3$8DW6BLwfI4fLYwF2Xu7geciO4jfCwP4J3zD7CN20
#
interface WLAN-Radio3/0
 service-template 1 interface wlan-bss 1
#
 ip route-static 0.0.0.0 0.0.0.0 Dialer10
#
 dhcp enable
#
 ntp-service unicast-server 193.77.204.20
#
 ssh server enable
 ssh server authentication-timeout 10
 undo ssh server compatible-ssh1x
 sftp server enable
#
 ip https enable
#
 dialer-rule 10 ip permit
#
 nms primary monitor-interface Dialer10
#
 load xml-configuration
#
 load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
 authentication-mode scheme
#
return

2 REPLIES
VoIP-Buddy
HPE Pro

Re: MSR930 (JG512A) L2TP client initiated VPN

Janez,

Have you tried turning on the debugging log to see what is happening?  Try...

> debug l2tp error

> debug l2tp event

> debug ipsec error

> debug ipsec event

> debug ike error

> debug ike event

> terminal debug

> terminal monitor

Then try the connection and see what happens.  It could be a key exchange issue, connectivity problem, or something else.  This will help.

Happy Holidays!

Regards,

David

JanezKovacic
Occasional Contributor

Re: MSR930 (JG512A) L2TP client initiated VPN

Hi!

 

thanks for these infos, but nothins shows in log :/

do I have to configure IPsec and L2tp to get it work?

 

curently i have only l2tp configured.