Netscreen配置L2TP ×××

L2TP ×××主要是为了解决移动办公人员联入公司内网的一种解决方案。我们来演示一下配置。拓扑：Netscreen Configuration：set int eth3 ip 200.1.1.2/24

.

L2TP ×××主要是为了解决移动办公人员联入公司内网的一种解决方案。我们来演示一下配置。

拓扑：

Netscreen Configuration：

set int eth3 ip 200.1.1.2/24

set int eth3 manage

set route 0.0.0.0 0.0.0.0 int eth3 gateway 200.1.1.1

.1.定义一个地址池..set ippool ruru 192.168.3.1 192.168.3.254..2.修改L2TP缺省配置..set l2tp default dns1 220.189.127.106..set l2tp default dns2 220.189.127.107..set l2tp default ippool ruru..3.定义l2tp-tunnel..set l2tp l2tp*** outgoing-interface eth3 keepalive 3600..set l2tp l2tp*** remote-setting ippool ruru..4.定义两个个内网测试地址：..set int lo.1 zone trust.

set int lo.1 ip 192.168.1.1/24

set int lo.1 manage

.set int lo.2 zone trust.

set int lo.2 ip 192.168.2.1/24

set int lo.2 manage

.5.定义内网地址本：..set address trust 192.168.1.0 192.168.1.0/24..set address trust 192.168.2.0 192.168.2.0/24..6.定义L2TP user：..set user rujinfeng type l2tp..set user rujinfeng remote ippool ruru..set user rujinfeng password rujinfeng..set user rujinfeng enable..7.定义policy..set policy top from untrust to trust "Dial-Up ×××" 192.168.1.0 any tun l2tp l2tp***..set policy top from untrust to trust "Dial-Up ×××" 192.168.2.0 any tun l2tp l2tp***.

ISP:

int e0/0

ip add 200.1.1.1 255.255.255.0

no sh

int e0/1

ip add 200.1.2.1 255.255.255.0

no sh

虚拟机XP配置：

配IP和网关 省略

.