Configure the interface and add the interface to the relevant area
[FW1-GigabitEthernet1/0/0]ip add 10.1.1.1 24
[FW1-GigabitEthernet1/0/1]ip add 192.168.0.254 24
[FW1]firewall zone untrust
[FW1-zone-untrust]add interface GigabitEthernet 1/0/1
[FW1]firewall zone trust
[FW1-zone-trust]add interface GigabitEthernet 1/0/0
Release related orders
[FW1-GigabitEthernet1/0/0]service-manage ping permit
[FW1-GigabitEthernet1/0/1]service-manage ping permit
Create L2TP *** template
[FW1]int Virtual-Template 0
[FW1-Virtual-Template0]ip add 10.1.2.1 24
[FW1-Virtual-Template0]ppp authentication-mode chap // Configure the identity authentication mode to CHAP
[FW1-Virtual-Template0]remote address 10.1.2.10
[FW1]firewall zone untrust
[FW1-zone-untrust]add interface Virtual-Template 0 // Add the virtual interface to the relevant zone
Enable L2TP service and set parameters
[FW1]l2tp enable // Enable L2TP
[FW1]l2tp-group 1 // Create L2TP group
[FW1-l2tp-1]tunnel name client // Configure the L2TP tunnel name
[FW1-l2tp-1]allow l2tp virtual-template 0 remote client // call L2TP virtual template
[FW1-l2tp-1]tunnel authentication // Configure tunnel authentication
[FW1-l2tp-1]tunnel password cipher ABCabc@123 // Configure tunnel authentication password
Create dial-up user
[FW1]user-manage user user001
[FW1-localuser-user001]password ABCabc@1234
[FW1-localuser-user001]parent-group /default
Configure security policy
[FW1]security-policy
[FW1-policy-security-rule-l2tp1]source-zone trust
[FW1-policy-security-rule-l2tp1]destination-zone untrust
[FW1-policy-security-rule-l2tp1]source-address 10.1.1.0 24
[FW1-policy-security-rule-l2tp1]action permit
[FW1-policy-security]rule name l2tp2
[FW1-policy-security-rule-l2tp2]source-zone untrust
[FW1-policy-security-rule-l2tp2]destination-zone trust
[FW1-policy-security-rule-l2tp2]destination-address 10.1.1.0 24
[FW1-policy-security-rule-l2tp2]action permit
[FW1-policy-security]rule name l2tp3
[FW1-policy-security-rule-l2tp3]source-zone local untrust
[FW1-policy-security-rule-l2tp3]destination-zone local untrust
[FW1-policy-security-rule-l2tp3]service l2tp
[FW1-policy-security-rule-l2tp3]action permit