HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

131

132

133

134

135

136

137

138

139

140

115

Ste

Command Remarks

4. Configure local or remote

AAA authentication.

For local AAA authentication, the

username and password of the peer

must be configured on the authenticator.

For remote AAA authentication, the

username and password of the peer

must be configured on the remote AAA

server.

For more information about AAA

authentication, see Access Control

Configuration Guide..

The username configured

for the peer must be the

same as that configured on

the peer.

The passwords configured

for the authenticator and

peer must be the same.

To configure the peer:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter interface view.

interface interface-type

interface-number

N/A

3. Assign a username to the

CHAP peer.

ppp chap user username

The username you assign to the

peer must be the same as the

local username you assign to the

peer on the authenticator.

4. Set the CHAP

authentication password.

ppp chap password { cipher |

simple } password

The password you set here must

be the same as the password

you set for the peer on the

authenticator.

Configuring MS-CHAP or MS-CHAP-V2 authentication

When you configure MS-CHAP or MS-CHAP-V2 authentication, follow these guidelines:

• In MS-CHAP or MS-CHAP-V2 authentication, an HP device can only be an authenticator

• L2TP supports the MS-CHAP authentication but does not support the MS-CHAP-V2 authentication.

• MS-CHAP-V2 authentication supports password changing only when using RADIUS.

Depending on whether the authenticator is configured with a username, the configuration of MS-CHAP

or MS-CHAP-V2 authentication includes the following two types:

• Configuring MS-CHAP or MS-CHAP-V2 authentication when the authenticator name is configured

Ste

Command Remarks

1. Enter system view.

system-view N/A

2. Enter interface view.

interface interface-type

interface-number

N/A

3. Configure the local device

to authenticate the peer by

using MS-CHAP or

MS-CHAP-V2.

ppp authentication-mode

{ ms-chap | ms-chap-v2 }

[ [ call-in ] domain isp-name ]

By default, PPP authentication is

not performed.