Configuring a PPP connection profile and virtual line on System-B

 

Now that a VPN connection is configured on System-B you need to create the PPP profile for System-B. The PPP profile has no physical line associated with it; instead, it uses a virtual line. This is because the PPP traffic tunnels through the L2TP tunnel, while VPN protects the L2TP tunnel.

Follow these steps to create a PPP connection profile for System-B:

  1. IniSeries™ Navigator, expand System-B > Network > Remote Access Services.

  2. Right-click Responder Connection Profiles and select New Profile.

  3. On the Setup page, select PPP for the protocol type.

  4. For Mode selections, select L2TP (virtual line).

  5. Select Terminator (network server) from the Operating mode drop-down list.

  6. Click OK to PPP profiles properties pages.

  7. On the General page, enter a name that identifies the type and the destination of the connection. In this case, enter tobranch. The name you specify must be 10 characters, or less.

  8. Optional: Specify a description for the profile

  9. Go to the Connection page.

  10. Select the IP address of the local tunnel endpoint, 205.13.237.6.

  11. In the Virtual line name field, select tobranch from the drop-down list. Remember that this line has no associated physical interface. The virtual line describes various characteristics of this PPP profile; for example, the maximum frame size, authentication information, the local host name, and so on. The L2TP Line Properties dialog box opens.

  12. On the General page, enter a description for the virtual line.

  13. Go to the Authentication page

  14. In the Local host name field, enter the host name of the local key server, SystemB.

  15. Click OK to save the new virtual line description and return to the Connection page.

  16. Go to the TCP/IP Settings page.

  17. In the Local IP address section, select the fixed IP address of the local system, 10.6.11.1.

  18. In the Remote IP address section, select Address pool as the address assignment method. Enter a starting address, and then specify the number of addresses that can be assigned to the remote system.

  19. Select Allow remote system to access other networks (IP forwarding).

  20. Go to the Authentication page to set the user name and password for this PPP profile.

  21. In the Local system identification section, select Allow the remote system to verify the identity of this system. This opens the Local System Identification dialog box.

  22. Under Authentication protocol to use select Require encrypted password (CHAP-MD5).

  23. Enter the user name, SystemB, and a password.

  24. Click OK to save the PPP profile.

 

Parent topic:

Scenario: Protecting an L2TP voluntary tunnel with IPSec
Previous topic: Configuring VPN on System-B
Next topic: Activating packet rules