PPPOE+L2TP+IPSEC(IPSEC over L2TP)配置.doc

PPPOE+L2TP+IPSEC (IPSEC over L2TP)配置 LNS+EZVPN_server Configuration （loopback 0接口模拟internal f0/0） LNS#sh run Building configuration... Current configuration : 2005 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R666 ! boot-start-marker boot-end-marker ! ! aaa new-model ! ! aaa authentication login xinjialove local aaa authorization network xinjialove local ! aaa session-id common ! resource policy ! ip cef ! ! ! ! no ip domain lookup vpdn enable ! vpdn-group l2tp accept-dialin protocol l2tp virtual-template 1 terminate-from hostname R222 local name R666 l2tp tunnel password 0 cisco ! ! ! ! ! username xinjialove@ password 0 xinjialove username cisco password 0 cisco ! ! ! crypto isakmp policy 10 hash md5 authentication pre-share group 2 ! crypto isakmp client configuration group xinjialove key xinjialove ! ! crypto ipsec transform-set xinjialove esp-des esp-md5-hmac ! crypto dynamic-map xinjialove 10 set transform-set xinjialove reverse-route ! ! crypto map xinjialove client authentication list xinjialove crypto map xinjialove isakmp authorization list xinjialove crypto map xinjialove 10 ipsec-isakmp dynamic xinjialove ! ! ! ! interface Loopback0 ip address 55 ! interface FastEthernet0/0 no ip address shutdown duplex half ! interface Serial1/0 ip address serial restart-delay 0 ! interface Serial1/1 no ip address shutdown serial restart-delay 0 ! interface Serial1/2 no ip address shutdown serial restart-delay 0 ! interface Serial1/3 no ip address shutdown serial restart-delay 0 ! interface FastEthernet2/0 no ip address shutdown duplex half ! interface Virtual-Template1 ip unnumbered Serial1/0 peer default ip address pool xinjialove ppp authentication chap crypto map xinjialove ! ip local pool xinjialove 54 ip route Serial1/0 no ip http server no ip http secure-server ! ! ! logging alarm informational ! ! ! ! ! control-plane ! ! line con