H3C HDM Configuration Examples-6W100

05-H3C HDM Mobile Configuration Examples for Remote Access to a Server Through L2TP VPN

H3C HDM Mobile

Configuration Examples for Remote Access to a Server Through L2TP VPN

Copyright © 2023 New H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.



Introduction

The following information describes how to use the HDM Mobile app to remotely access the internal server of an enterprise through Layer 2 Tunneling Protocol (L2TP) Virtual Private Network (VPN).

You can use the HDM Mobile app to view server information, such as the running status and health status, in real time.

L2TP allows the Layer 2 protocol messages of user networks in different regions to be transparently transmitted or forcibly discarded through the designated channels in the operator's network.

VPN is generally used to connect the internal networks of an enterprise in different places and establish a virtual private network for the enterprise in a public network.

Prerequisites

Procedures and information in the examples might be slightly different depending on the software or hardware version of the products.

The configuration was created and verified in a lab environment, and all the servers and software were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.

The following information is provided based on the assumption that you have basic knowledge about HDM, HDM Mobile, routers, and L2TP VPN.

Applicable scenarios

The following information applies to the scenarios where the server needs to be accessed remotely through L2TP VPN to improve security of remote access.

Example: Remotely accessing a server through the L2TP VPN

Network configuration

As shown in Figure 1, the HDM dedicated port of the server (H3C UniServer R4900 G3 in this example), the LAN port of the router (H3C GR5400AX in this example), and the user's PC are in the same LAN and interconnected. The WAN port of the router is directly connected to the public network, and the public IP address is obtained from the operator. The user's mobile phone can access the Internet normally through the mobile network. If there are firewall devices in the live network, check the firewall configuration to ensure interconnection of the entire network.

The user needs to use the HDM Mobile app on a personal mobile phone to remotely access the internal server of the enterprise through L2TP VPN. Information about devices in the network is as follows:

·     HDM software:

    ◦     HDM management IP address: 192.168.1.200

    ◦     Default username: admin

    ◦     Default password: Password@_

·     Mobile phone (Huawei P30):

    ◦     EMUI version: 11.0.0

    ◦     Android version: 10

    ◦     The HDM Mobile app has been installed.

·     Router:

    ◦     IP address of the WAN port: The public IP address obtained through PPPoE dial-up is 125.122.223.xxx.

    ◦     IP address of the LAN port: 192.168.1.1

·     User's PC:

    ◦     IP address: 192.168.1.3

    ◦     OS: Windows 7

Figure 1 Network diagram

 

Analysis

Configure the router as the L2TP server and the mobile phone as the L2TP client. Use the L2TP VPN to directly establish a VPN tunnel between the mobile phone and the router, so that the user can use HDM Mobile to directly and remotely access HDM on the server.

Software versions used

This example was created and verified on the following versions:

·     HDM software: HDM 2.54

·     HDM Mobile app on the mobile phone: HDM Mobile 2.0.1

Procedures

Configuring an L2TP server on the router

Logging in to the Web page of the router

Log in to the Web page of the router through the PC. The default IP address is 192.168.1.1, and the default login password is admin.

Configuring the WAN port

1.     Select Interface Management > WAN Interface Settings > Connect to the Internet, configure the WAN port parameters, and click Apply.

2.     Select System Monitoring > Operation Information > Basic Information. On the basic information page that opens, confirm that the WAN port is connected normally and obtains the public IP address assigned by the operator.

Configuring the L2TP server

Select VPN > L2TP VPN > L2TP VPN Server. On the L2TP server configuration page, configure parameters as follows, and click Apply.

·     Enable LNS.

·     Set the L2TP server name to hdm.

·     Set the L2TP client address pool to 10.10.10.10 to 10.10.10.20.

·     Enable tunnel authentication.

·     Set the tunnel authentication password to 111111.

Creating an LNS user

1.     Select VPN > L2TP VPN > LNS User Management. On the LNS user management page, click Add, configure parameters as follows, and click Add.

    ◦     Username: u1

    ◦     Password: 123456

    ◦     Status: Enable

2.     After the LNS user is added, you can view the added user on the LNS user management page.

Configuring the gateway address on the server

1.     Log in to the HDM Web page of the server through the PC. The IP address is 192.168.1.200.

2.     Select Configuration > Network > Dedicated port. On the dedicated port page that opens, click Configure in the upper right corner. On the dedicated port configuration page that opens, configure parameters as shown in Figure 2, confirm that the default gateway address is set to 192.168.1.1 (LAN port address of the router), and click Save.

Figure 2 Configuring the gateway address
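
The gateway step matters because L2TP clients receive addresses from the 10.10.10.10 to 10.10.10.20 pool, which is outside the HDM subnet, so HDM can only reply to them through the router. The following check of this addressing plan and of the lab credentials is an added example, not H3C code; the /24 LAN mask, the names `audit_plan` and `pool_size`, and the 12-character threshold are assumptions.

```python
import ipaddress

# Values from this page. The /24 LAN mask is an assumption (not stated here).
PLAN = {
    "lan": "192.168.1.0/24",
    "router_lan_ip": "192.168.1.1",
    "hdm_ip": "192.168.1.200",
    "hdm_gateway": "192.168.1.1",
    "pool_start": "10.10.10.10",
    "pool_end": "10.10.10.20",
    "secrets": {"tunnel": "111111", "lns_user_u1": "123456",
                "hdm_admin": "Password@_", "router_web": "admin"},
}
DOCUMENTED_DEFAULTS = {"Password@_", "admin"}  # defaults named on this page

def audit_plan(plan, min_len=12):
    """Return (severity, message) findings for an L2TP/HDM addressing plan."""
    findings = []
    lan = ipaddress.ip_network(plan["lan"])
    start = ipaddress.ip_address(plan["pool_start"])
    end = ipaddress.ip_address(plan["pool_end"])
    hdm = ipaddress.ip_address(plan["hdm_ip"])
    gw = ipaddress.ip_address(plan["hdm_gateway"])
    pool_nets = []
    if start > end:
        findings.append(("error", "client pool start is above pool end"))
    else:
        pool_nets = list(ipaddress.summarize_address_range(start, end))
    if any(net.overlaps(lan) for net in pool_nets):
        findings.append(("error", "client pool overlaps the LAN subnet"))
    elif hdm in lan:
        # Tunnel clients are off-subnet: HDM replies must leave via a gateway.
        if gw not in lan:
            findings.append(("error", "HDM gateway is not on the HDM subnet"))
        elif gw != ipaddress.ip_address(plan["router_lan_ip"]):
            findings.append(("error", "HDM gateway is not the L2TP router"))
    for name, value in plan["secrets"].items():
        if value in DOCUMENTED_DEFAULTS:
            findings.append(("warn", f"{name}: documented default still in use"))
        elif value.isdigit() or len(value) < min_len:
            findings.append(("warn", f"{name}: short or digits-only secret"))
    return findings

def pool_size(plan):
    """Number of simultaneous client addresses the pool can hand out."""
    first, last = plan["pool_start"], plan["pool_end"]
    return int(ipaddress.ip_address(last)) - int(ipaddress.ip_address(first)) + 1

if __name__ == "__main__":
    for severity, message in audit_plan(PLAN):
        print(f"{severity}: {message}")
```
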

 

 

 

Configuring the L2TP VPN on the mobile phone

1.     On the mobile phone, tap Settings > More connections.

2.     Select VPN.

3.     Tap Add VPN Network, as shown in Figure 3.

Figure 3 Adding a VPN

 

4.     Enter the following information in the dialog box that opens, and tap Save.

    ◦     Name: hdm

    ◦     Type: L2TP

    ◦     Server address: 125.122.223.xxx (IP address of the WAN port on the router)

    ◦     L2TP PKI: 111111 (L2TP tunnel authentication password of the router)

5.     Check that the VPN named hdm is displayed on the VPN screen, as shown in Figure 4.

Figure 4 Checking the added VPN

 

6.     Tap the added VPN to open the L2TP user creation page, enter the LNS username and password that were added previously, and tap Connect to establish the VPN connection between the mobile phone and the router.

    ◦     Username: u1

    ◦     Password: 123456

Checking the VPN connection status on the router

1.     After the VPN connection is established, select VPN > L2TP VPN > L2TP Status on the router. The session information of the connected user u1 is displayed.

2.     On the VPN screen of the mobile phone, check that the status of the added VPN is Connected, as shown in Figure 5.

Figure 5 VPN connected

 

Verifying the configuration

Adding a server

1.     Launch the HDM Mobile app on the mobile phone, as shown in Figure 6.

Figure 6 HDM Mobile app

 

2.     Tap  in the upper right corner of the device management screen. On the Add Device screen that opens, configure parameters as follows, and tap OK, as shown in Figure 7.

    ◦     HDM address of the server: 192.168.1.200

    ◦     Port: 443 (Default)

    ◦     Administrator account: admin

    ◦     Administrator password: Password@_

    ◦     (Optional) Remember the password: Enable

Figure 7 Adding a device on HDM Mobile

 

Logging in to the server

After the server is added, access the server list screen. Tap the added server in the device list. On the screen that opens, check that the dedicated port address is 192.168.1.200, which is consistent with the HDM management IP address of the server, as shown in Figure 8. This indicates that the user can use HDM Mobile to remotely access HDM on the server through the L2TP VPN.

Figure 8 Logging in to the server through HDM Mobile

 

Related documentation

·     H3C Servers HDM H3C User Guide

·     H3C HDM Technology White Paper

·     H3C GR-5400AX Dual-Band Wi-Fi 6 Wireless Router (2.5G) Quick Start
