HP VPN Firewall Appliances VPN Command Reference
107
L2TP commands
The term "router" in this document refers to both routers and routing-capable firewalls and firewall
modules.
allow l2tp
Use allow l2tp to specify the VT interface for receiving calls, the tunnel name on the LAC, and the domain
name.
Use undo allow to remove the configuration.
Syntax
allow l2tp virtual-template virtual-template-number remote remote-name [ domain domain-name ]
undo allow
Default
An LNS denies all incoming calls.
Views
L2TP group view
Default command level
2: System level
Parameters
virtual-template virtual-template-number: Specifies a VT interface for creating a VA interface, in the
range of 0 to 1023.
remote remote-name: Specifies the name of the tunnel peer initiating a connection request, a
case-sensitive string of 1 to 30 characters.
domain domain-name: Specifies the name of the domain initiating a connection request, a
case-insensitive string of 1 to 30 characters.
Usage guidelines
The domain domain-name option is required in L2TP multi-instance applications.
The remote remote-name option is optional for L2TP group 1, the default L2TP group. For L2TP group 1,
the syntax of the command is allow l2tp virtual-template virtual-template-number [ remote remote-name ]
[ domain domain-name ]. A peer with any name can initiate a tunneling request.
If you specify the remote remote-name option for L2TP group 1, L2TP group 1 will not serve as the default
L2TP group.
In Windows 2000 beta 2, if the local end name for the VPN connection is null, the peer name received
by the router is null, too. You can configure a default L2TP group to test the connectivity and receive the
tunneling request initiated by such an unknown remote end.
The allow l2tp command is available for only LNSs. If the tunnel name on the LAC is specified, make sure
that it is the same as the tunnel name configured on the LAC.