108 lines
8.0 KiB
HTML
108 lines
8.0 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="task" />
|
||
|
<meta name="DC.Title" content="Configure a PPP connection profile and virtual line on iSeries-A" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzajaremoteuser.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzajaconfigurevpnoniseriesa3.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzajaapplythecodeppp.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rzajaconfigureapppconnection" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Configure a PPP connection profile and virtual line on iSeries-A</title>
|
||
|
</head>
|
||
|
<body id="rzajaconfigureapppconnection"><a name="rzajaconfigureapppconnection"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Configure a PPP connection profile and virtual line on iSeries-A</h1>
|
||
|
<div><div class="section"><p>This section describes the steps you must take to create the PPP
|
||
|
profile for iSeries-A. The PPP profile has no physical line associated with
|
||
|
it; instead, it uses a virtual line. This is because the PPP traffic tunnels
|
||
|
through the L2TP tunnel, while VPN protects the L2TP tunnel.</p>
|
||
|
<p>Follow
|
||
|
these steps to create a PPP connection profile for iSeries-A:</p>
|
||
|
</div>
|
||
|
<ol><li><span>In <span class="keyword">iSeries™ Navigator</span>,
|
||
|
expand iSeries-A<span class="menucascade"><span class="uicontrol"></span> > <span class="uicontrol">Network</span> > <span class="uicontrol">Remote Access Services</span></span>.</span></li>
|
||
|
<li><span>Right-click <span class="uicontrol">Originator Connection Profiles</span> and
|
||
|
select <span class="uicontrol">New Profile</span>.</span></li>
|
||
|
<li><span>On the <span class="uicontrol">Setup</span> page, select <span class="uicontrol">PPP</span> for
|
||
|
the protocol type.</span></li>
|
||
|
<li><span>For Mode selections, select <span class="uicontrol">L2TP (virtual line)</span>.</span></li>
|
||
|
<li><span>Select <span class="uicontrol">Initiator on-demand (voluntary tunnel)</span> from
|
||
|
the <span class="uicontrol">Operating mode</span> drop-down list.</span></li>
|
||
|
<li><span>Click <span class="uicontrol">OK</span> to go to the PPP profiles properties
|
||
|
pages.</span></li>
|
||
|
<li><span>On the <span class="uicontrol">General</span> page, enter a name that identifies
|
||
|
the type and the destination of the connection. In this case, enter <samp class="codeph">toCORP</samp>.
|
||
|
The name you specify must be 10 characters, or less.</span></li>
|
||
|
<li><span>Optional: Specify a description for the profile.</span></li>
|
||
|
<li><span>Go to the <span class="uicontrol">Connection</span> page.</span></li>
|
||
|
<li><span>In the <span class="uicontrol">Virtual line name</span> field, select <span class="uicontrol">tocorp</span> from
|
||
|
the drop-down list. Remember that this line has no associated physical interface.
|
||
|
The virtual line describes various characteristics of this PPP profile; for
|
||
|
example, the maximum frame size, authentication information, the local host
|
||
|
name, and so on. The <span class="uicontrol">L2TP Line Properties</span> dialog box
|
||
|
opens.</span></li>
|
||
|
<li><span>On the <span class="uicontrol">General</span> page, enter a description
|
||
|
for the virtual line.</span></li>
|
||
|
<li><span>Go to the <span class="uicontrol">Authentication</span> page.</span></li>
|
||
|
<li><span>In the <span class="uicontrol">Local host name</span> field, enter the
|
||
|
host name of the local key server, <samp class="codeph">iSeriesA</samp>.</span></li>
|
||
|
<li><span>Click <span class="uicontrol">OK</span> to save the new virtual line description
|
||
|
and return to the <span class="uicontrol">Connection</span> page.</span></li>
|
||
|
<li><span>Enter the remote tunnel endpoint address, <samp class="codeph">205.13.237.6</samp>,
|
||
|
in the <span class="uicontrol">Remote tunnel endpoint address</span> field.</span></li>
|
||
|
<li><span>Select <span class="uicontrol">Requires IPSec Protection</span> and select
|
||
|
the dynamic-key group you created in previous step <a href="rzajaconfigurevpnoniseriesa3.htm">Configure VPN on iSeries-A</a>, <samp class="codeph">l2tptocorp</samp> from
|
||
|
the <span class="uicontrol">Connection group name</span> drop-down list.</span></li>
|
||
|
<li><span>Go to the <span class="uicontrol">TCP/IP Settings</span> page.</span></li>
|
||
|
<li><span>In the <span class="uicontrol">Local IP address</span> section, select <span class="uicontrol">Assigned
|
||
|
by remote system</span>.</span></li>
|
||
|
<li><span>In the <span class="uicontrol">Remote IP address</span> section, select <span class="uicontrol">Use
|
||
|
fixed IP address</span>. Enter <samp class="codeph">10.6.11.1</samp>, which is the
|
||
|
remote system's IP address in its subnet.</span></li>
|
||
|
<li><span>In the routing section, select <span class="uicontrol">Define additional static
|
||
|
routes</span> and click <span class="uicontrol">Routes</span>. If there is no
|
||
|
routing information provided in the PPP profile, then iSeries-A is only able
|
||
|
to reach the remote tunnel endpoint but not any other system on the 10.6.0.0
|
||
|
subnet.</span></li>
|
||
|
<li><span>Click <span class="uicontrol">Add</span> to add a static route entry.</span></li>
|
||
|
<li><span>Enter the subnet, <samp class="codeph">10.6.0.0</samp>, and the subnet mask, <samp class="codeph">255.255.0.0</samp> to
|
||
|
route all 10.6.*.* traffic through the L2TP tunnel.</span></li>
|
||
|
<li><span>Click <span class="uicontrol">OK</span> to add the static route.</span></li>
|
||
|
<li><span>Click <span class="uicontrol">OK</span> to close the Routing dialog box.</span></li>
|
||
|
<li><span>Go to the <span class="uicontrol">Authentication</span> page to set the
|
||
|
user name and password for this PPP profile.</span></li>
|
||
|
<li><span>In the Local system identification section, select <span class="uicontrol">Allow
|
||
|
the remote system to verify the identity of this system</span>.</span></li>
|
||
|
<li><span>Under <span class="uicontrol">Authentication protocol to use</span> select <span class="uicontrol">Require
|
||
|
encrypted password (CHAP-MD5)</span>.In the Local system identification
|
||
|
section, select <span class="uicontrol">Allow the remote system to verify the identity
|
||
|
of this system</span>.</span></li>
|
||
|
<li><span>Enter the user name, <samp class="codeph">iSeriesA</samp>, and a password.</span></li>
|
||
|
<li><span>Click <span class="uicontrol">OK</span> to save the PPP profile.</span></li>
|
||
|
</ol>
|
||
|
</div>
|
||
|
<div>
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajaremoteuser.htm" title="In this scenario, you learn how to setup a connection between a branch office host and a corporate office that uses L2TP protected by IPSec. The branch office has a dynamically assigned IP address, while the corporate office has a static, globally routable IP address.">Scenario: Protect an L2TP voluntary tunnel with IPSec</a></div>
|
||
|
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzajaconfigurevpnoniseriesa3.htm">Configure VPN on iSeries-A</a></div>
|
||
|
<div class="nextlink"><strong>Next topic:</strong> <a href="rzajaapplythecodeppp.htm">Apply the l2tptocorp dynamic-key group to the toCorp PPP profile</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|