- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- MSR930 (JG512A) L2TP client initiated VPN
-
-
Categories
- Topics
- Hybrid IT with Cloud
- Mobile & IoT
- IT for Data & Analytics
- Transformation
- Strategy and Technology
- Products
- Cloud
- Integrated Systems
- Networking
- Servers and Operating Systems
- Services
- Storage
- Company
- Events
- Partner Solutions and Certifications
- Welcome
- Welcome
- Announcements
- Tips and Tricks
- Feedback
-
Blogs
- Alliances
- Around the Storage Block
- Behind the scenes @ Labs
- Converged Data Center Infrastructure
- Digital Transformation
- Grounded in the Cloud
- HPE Careers
- HPE Storage Tech Insiders
- Infrastructure Insights
- Inspiring Progress
- Internet of Things (IoT)
- My Learning Certification
- Networking
- OEM Solutions
- Servers: The Right Compute
- Telecom IQ
- Transforming IT
-
Quick Links
- Community
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Contact
- Email us
- Tell us what you think
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Enterprise.nxt
- Marketplace
- Aruba Airheads Community
-
Categories
-
Forums
-
Blogs
-
InformationEnglish
MSR930 (JG512A) L2TP client initiated VPN
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
12-22-2016 02:18 AM
12-22-2016 02:18 AM
MSR930 (JG512A) L2TP client initiated VPN
MSR930 (JG512A) L2TP client initiated VPN
Hi!
Can someone help me with L2TP client initiated VPN connection configuration.
I would like to make VPN connection from PC to MSR930 router
I've followed MSR guide and can't make it work.
This is my configuration:
sysname HP930-Router
#
clock timezone Belgrade add 01:00:00
#
l2tp enable
#
firewall enable
#
domain default enable system
#
dar p2p signature-file flash:/p2p_default.mtd
#
port-security enable
#
undo ip http enable
#
wlan country-code SI
#
password-recovery enable
#
vlan 1
description *Local LAN*
#
domain system
authentication ppp local
access-limit disable
state active
idle-cut disable
self-service-url disable
ip pool 1 192.168.50.2 192.168.50.10
#
dhcp server ip-pool lan extended
network ip range 192.168.5.101 192.168.5.150
network mask 255.255.255.0
gateway-list 192.168.5.1
dns-list 193.189.160.13 193.189.160.23
#
aspf-policy 1
detect HTTPS
detect HTTP
detect TCP
detect UDP
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher $c$3$Zvg+xjhVa5c/x6+pnATPXiePFVPR3P8FeTNGcU4=
authorization-attribute level 3
service-type ssh telnet terminal
service-type ppp
service-type web
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
wlan service-template 1 crypto
ssid Kovacic WiFi
cipher-suite ccmp
security-ie rsn
service-template enable
#
cwmp
undo cwmp enable
#
l2tp-group 1
undo tunnel authentication
allow l2tp virtual-template 0
#
interface Aux0
async mode flow
link-protocol ppp
#
interface Cellular0/0
async mode protocol
link-protocol ppp
#
interface Dialer10
description *PPPoE SIOL*
nat outbound
nat server 1 protocol tcp global current-interface 3389 inside 192.168.5.10 3389
nat server 2 protocol tcp global current-interface 9983 inside 192.168.5.30 9981
nat server 3 protocol tcp global current-interface 9984 inside 192.168.5.30 9982
nat server 4 protocol tcp global current-interface 26 inside 192.168.5.30 22
nat server 5 protocol tcp global current-interface 9981 inside 192.168.5.40 9981
nat server 6 protocol tcp global current-interface 9982 inside 192.168.5.40 9982
nat server 8 protocol tcp global current-interface 9000 inside 192.168.5.50 9000
nat server 9 protocol tcp global current-interface 9090 inside 192.168.5.50 9090
nat server 7 protocol tcp global current-interface 27 inside 192.168.5.40 22
nat server 10 protocol tcp global current-interface 3390 inside 192.168.5.90 3389
nat server 11 protocol tcp global current-interface 9985 inside 192.168.5.20 9981
nat server 12 protocol tcp global current-interface 9986 inside 192.168.5.20 9982
nat server 13 protocol tcp global current-interface 28 inside 192.168.5.20 22
link-protocol ppp
ppp chap user fkovac20
ppp chap password cipher $c$3$SBVoZg841CjQCXszi5LAOX1tuhGvQnnUblZS
ppp pap local-user fkovac20 password cipher $c$3$HP8ZEhavG86bcaXa8pBLPqJwqoYs5oNhOlb8
ppp ipcp dns admit-any
ppp ipcp dns request
mtu 1492
ip address ppp-negotiate
tcp mss 1024
dialer user username
dialer-group 10
dialer bundle 10
#
interface Virtual-Template0
ppp authentication-mode chap domain system
ppp ipcp remote-address forced
remote address pool 1
ip address 192.168.50.1 255.255.255.0
#
interface NULL0
#
interface Vlan-interface1
description *Local LAN*
ip address 192.168.5.1 255.255.255.0
tcp mss 1350
dhcp server apply ip-pool lan
ip virtual-reassembly
#
interface GigabitEthernet0/0
port link-mode route
description *WAN*
nat outbound
pppoe-client dial-bundle-number 10
ip virtual-reassembly
#
interface GigabitEthernet0/1
port link-mode bridge
#
interface GigabitEthernet0/2
port link-mode bridge
#
interface GigabitEthernet0/3
port link-mode bridge
#
interface GigabitEthernet0/4
port link-mode bridge
#
interface WLAN-BSS1
description *Home WiFi*
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase cipher $c$3$8DW6BLwfI4fLYwF2Xu7geciO4jfCwP4J3zD7CN20
#
interface WLAN-BSS32
description *Home WiFi*
port-security port-mode psk
port-security tx-key-type 11key
port-security preshared-key pass-phrase cipher $c$3$8DW6BLwfI4fLYwF2Xu7geciO4jfCwP4J3zD7CN20
#
interface WLAN-Radio3/0
service-template 1 interface wlan-bss 1
#
ip route-static 0.0.0.0 0.0.0.0 Dialer10
#
dhcp enable
#
ntp-service unicast-server 193.77.204.20
#
ssh server enable
ssh server authentication-timeout 10
undo ssh server compatible-ssh1x
sftp server enable
#
ip https enable
#
dialer-rule 10 ip permit
#
nms primary monitor-interface Dialer10
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
12-22-2016 07:09 AM
12-22-2016 07:09 AM
Re: MSR930 (JG512A) L2TP client initiated VPN
Re: MSR930 (JG512A) L2TP client initiated VPN
Janez,
Have you tried turning on the debugging log to see what is happening? Try...
> debug l2tp error
> debug l2tp event
> debug ipsec error
> debug ipsec event
> debug ike error
> debug ike event
> terminal debug
> terminal monitor
Then try the connection and see what happens. It could be a key exchange issue, connectivity problem, or something else. This will help.
Happy Holidays!
Regards,
David
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
12-23-2016 01:30 AM
12-23-2016 01:30 AM
Re: MSR930 (JG512A) L2TP client initiated VPN
Re: MSR930 (JG512A) L2TP client initiated VPN
Hi!
thanks for these infos, but nothins shows in log :/
do I have to configure IPsec and L2tp to get it work?
curently i have only l2tp configured.
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2018 Hewlett Packard Enterprise Development LP