Product specifications

ManualsBrandsEfficient Networks ManualsComputer equipmentRouter family Command line interface

261

262

263

264

265

266

267

268

269

270

Chapter 6: Connection Management Efficient Networks

Router family

Command Line Interface Guide

Page 6-56 Efficient Networks

NOTE:

You cannot ping the tunnel endpoint, only the LAN behind it.

The eth ip addr 10.2.0.1 255.255.255.0 command sets the Ethernet address of the

corporate router. You may not need to change this setting unless both LAN subnets of

the VPN are identical. Each LAN of a VPN solution must be a unique subnet.

Step 2: Configure the L2TP Tunnel Connections

Branch Office Configuration:

Set up the tunnel to Corporate with:

l2tp add tunnelb

The name "tunnelb" is the name that is expected from the tunnel peer when

challenged to identify itself. The Branch Office router asks "Who are you?" and

Corporate says "I am tunnelb" and the Branch Office authenticates. This command

must match the Corporate router name in the command:

l2tp set ourtunnelname <name> <tunnel name>

Next, define the common authentication secret used between the two devices. This

tunnel device will use the password of "tunnelsecret" for the tunnel peer when

challenged to identify itself. Both peers use the same secret:

l2tp set chapsecret tunnelsecret tunnelb

Define the name of the our end of the tunnel for authentication purposes. The name

"tunnela" is sent to the tunnel peer when challenged to identify yourself. Corp says

"who are you" Branch replies "I am tunnela" Corporate authenticates. This setting

must match the command "l2tp add <name>" on the Corporate router.

l2tp set ourtunnelname tunnela tunnelb

Define the sysname of this router for authentication purposes. This tunnel device

sends the name "cust" when challenged to identify itself. This must match the

command "remote add <name>" on the Corporate router.

l2tp set oursysname cust tunnelb

Define the password of this router for authentication purposes. This tunnel device

sends the password "custpass" when challenged to identify itself. This must match

the password in the command "rem setpasswd <password>" on the Corporate router.

l2tp set ourpassword custpass tunnelb

Set the IP address of the other end of the tunnel, that is, the WAN IP address of the

Corporate router.

l2tp set address 200.5.5.10 tunnelb