华为 L2TP VPN Config

[Quidway]dis cu
#
# Output of "display current-configuration" on a Huawei Quidway router
# acting as an L2TP server (LNS): remote Windows clients dial in over
# L2TP/PPP and get an address from pool 1. Ethernet0/0 is the Internet
# side (NAT, packet filter), Ethernet0/1 the 192.168.0.0/24 LAN side.
#
sysname Quidway
#
# L2TP switched on globally; tunnel-level settings are in l2tp-group 1 below.
l2tp enable
#
# Local user database. Every account uses "password simple", so the
# password is stored and displayed in clear text (admin/admin,
# vpdnuserN/userN, quidway/guofeng); "password cipher" stores a
# scrambled form instead. The vpdnuser* accounts are service-type ppp
# only and are the dial-in users checked by Virtual-Template1 below.
# admin and quidway can log in over telnet at level 3 (the management
# level); quidway additionally has "terminal" access (console/aux).
local-user admin password simple admin
local-user admin service-type telnet
local-user admin level 3
local-user vpdnuser password simple user
local-user vpdnuser service-type ppp
local-user vpdnuser1 password simple user1
local-user vpdnuser1 service-type ppp
local-user vpdnuser2 password simple user2
local-user vpdnuser2 service-type ppp
local-user vpdnuser3 password simple user3
local-user vpdnuser3 service-type ppp
local-user vpdnuser4 password simple user4
local-user vpdnuser4 service-type ppp
local-user vpdnuser5 password simple user5
local-user vpdnuser5 service-type ppp
local-user vpdnuser6 password simple user6
local-user vpdnuser6 service-type ppp
local-user vpdnuser7 password simple user7
local-user vpdnuser7 service-type ppp
local-user vpdnuser8 password simple user8
local-user vpdnuser8 service-type ppp
local-user vpdnuser9 password simple user9
local-user vpdnuser9 service-type ppp
local-user vpdnuser10 password simple user10
local-user vpdnuser10 service-type ppp
local-user quidway password simple guofeng
local-user quidway service-type terminal telnet
local-user quidway level 3
#
# Address range (192.168.1.2-192.168.1.100) handed to dial-in clients
# through "remote address pool 1" on Virtual-Template1.
ip pool 1 192.168.1.2 192.168.1.100
#
# AAA enabled so the local-user entries above are used for authentication.
aaa enable
#
# Static host-name mapping; unrelated to the VPN.
ip host www.sina.com.cn 61.172.201.239
#
# Enables ACL-based packet filtering on interfaces (used on Ethernet0/0).
firewall enable
#
# Default ISP domain with DNS servers; presumably these are the DNS
# addresses delivered to PPP clients during IPCP — confirm against the
# platform's AAA domain semantics.
isp domain sina.com.cn
dns primary 202.102.192.68
dns secondary 202.102.199.68
#
# PPP template bound to every L2TP session ("allow l2tp virtual-template 1").
# Authentication is PAP, which carries the user name and password in
# clear inside PPP. The notes below tell the Windows clients to disable
# IPsec (ProhibitIPSec=1), and L2TP has no encryption of its own, so the
# PAP exchange and all tunnelled traffic are readable on the path.
# "ppp authentication-mode chap" would at least avoid sending the
# password itself; encryption needs IPsec or another layer.
interface Virtual-Template1
ppp authentication-mode pap
ip address 192.168.1.1 255.255.255.0
remote address pool 1
#
# Aux port configured as an async PPP line.
interface Aux0
async mode flow
link-protocol ppp
#
# Internet-facing interface; the public address is masked by the author
# ("xx"). ACL 3001 is applied in both directions, "nat outbound" uses
# ACL 2001 to pick the source addresses to translate, and TCP/www on
# 218.22.38.210 is forwarded to the internal host 192.168.0.59.
interface Ethernet0/0
ip address 218.22.38.xx 255.255.255.0
firewall packet-filter 3001 inbound
firewall packet-filter 3001 outbound
nat outbound 2001
nat server protocol tcp global 218.22.38.210 www inside 192.168.0.59 www
#
# LAN interface.
interface Ethernet0/1
ip address 192.168.0.2 255.255.255.0
#
interface NULL0
#
# NAT source ACL: only the 192.168.0.0/24 LAN is translated. The L2TP
# client pool (192.168.1.0/24) is not listed, so VPN clients are not
# NATed out through Ethernet0/0 by this rule.
acl number 2001
rule 0 permit source 192.168.0.0 0.0.0.255
#
# Interface packet filter, applied inbound and outbound on Ethernet0/0.
# It contains deny rules only, for a set of Windows RPC/NetBIOS/SMB and
# other ports commonly associated with worm traffic of the period
# (135/136/137/138/139/445, 4444, 5554, 9995/9996, 1434, ...). What
# happens to traffic matching no rule depends on the "firewall default"
# setting, which is not shown in this listing. Because the ACL is also
# applied outbound, internal hosts are blocked from reaching e.g. TCP
# 3389, 1080, 3128 on the Internet as well. UDP 1701 (L2TP) is not
# denied, so tunnels can be established; traffic arriving inside the
# tunnel enters via Virtual-Template1 and is not filtered by this ACL.
# Rule numbers are not contiguous (5, 8, 11, 12, 25, 37 are absent) —
# presumably rules that were deleted at some point.
acl number 3001
rule 0 deny tcp destination-port eq 135
rule 1 deny tcp destination-port eq 139
rule 2 deny tcp destination-port eq 4444
rule 3 deny tcp destination-port eq 5554
rule 4 deny udp destination-port eq tftp
rule 6 deny tcp source-port eq 5554 destination-port eq 9995
rule 7 deny tcp source-port eq 5554 destination-port eq 9996
rule 9 deny tcp destination-port eq 136
rule 10 deny tcp destination-port eq 138
rule 13 deny udp destination-port eq 135
rule 14 deny udp destination-port eq 136
rule 15 deny udp destination-port eq 389
rule 16 deny udp destination-port eq 445
rule 17 deny tcp destination-port eq 4899
rule 18 deny tcp destination-port eq sunrpc
rule 19 deny tcp destination-port eq 6588
rule 20 deny tcp destination-port eq 1978
rule 21 deny tcp destination-port eq 593
rule 22 deny tcp destination-port eq 3389
rule 23 deny tcp destination-port eq 137
rule 24 deny udp destination-port eq snmp
rule 26 deny tcp destination-port eq 445
rule 27 deny tcp destination-port eq 2745
rule 28 deny tcp destination-port eq 1080
rule 29 deny tcp destination-port eq 6129
rule 30 deny tcp destination-port eq 3127
rule 31 deny tcp destination-port eq 3128
rule 32 deny udp destination-port eq netbios-dgm
rule 33 deny udp destination-port eq netbios-ns
rule 34 deny tcp destination-port eq 5800
rule 35 deny tcp destination-port eq 6667
rule 36 deny tcp destination-port eq 1025
rule 38 deny tcp destination-port eq 1068
rule 39 deny tcp destination-port eq 9995
rule 40 deny udp destination-port eq netbios-ssn
rule 41 deny tcp destination-port eq 539
rule 42 deny udp destination-port eq 539
rule 43 deny udp destination-port eq 1434
rule 44 deny udp destination-port eq 593
#
# Tunnel-level settings. Tunnel authentication is switched off, so no
# tunnel password is checked when a peer brings up a tunnel, and with
# no "remote" name on "allow l2tp" any peer name is accepted. User
# identity is therefore verified only by PAP at the PPP layer (see
# Virtual-Template1). mandatory-lcp presumably forces LCP renegotiation
# with the client — confirm against the platform documentation.
l2tp-group 1
undo tunnel authentication
mandatory-lcp
allow l2tp virtual-template 1
#
# Default route towards the ISP next hop.
ip route-static 0.0.0.0 0.0.0.0 218.22.38.209 preference 60
#
# SNMP agent enabled and restricted to SNMPv3. No usm-user, group or
# community lines appear in this listing, so the SNMP access
# configuration (if any) is not visible here.
snmp-agent
snmp-agent local-engineid 000007DB7F000001000075A7
snmp-agent sys-info version v3
#
# Line access: the console and the five telnet (VTY 0-4) lines
# authenticate against the local-user database above, i.e. the
# clear-text-stored telnet accounts admin/admin and quidway/guofeng,
# and telnet itself transmits those credentials unencrypted. aux 0 has
# no authentication-mode line in this listing.
user-interface con 0
authentication-mode local
user-interface aux 0
user-interface vty 0 4
authentication-mode local
#
return

Windows 客户端需要配置禁用 IPSec 加密(本例路由器未配置 IPSec;禁用后 L2TP 隧道本身不加密,仅依靠 PPP 认证):
修改注册表:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters
下的 ProhibitIPSec,将其值设为 1。
如果没有此键值,请自行创建。