F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Command Reference-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

121

122

123

124

125

126

127

128

129

130

120

Usage guidelines

When you start a PPP session, a client of NAS-initialized VPN will first negotiate with the NAS for LCP

parameters. If the negotiation succeeds, the NAS initializes a tunnel and then transfers the negotiated

results to the LNS. Then the LNS verifies whether the client is valid, depending on the proxy authentication

information. You can use the mandatory-lcp command to force the LNS to perform LCP re-negotiation for

the client. In this case, the proxy authentication information of the NAS will be neglected. Some PPP

clients may not support LCP re-negotiation. In this case, the LCP re-negotiation will fail.

Examples

# Perform LCP negotiation by force.

<Sysname> system-view

[Sysname] l2tp-group 1

[Sysname-l2tp1] mandatory-lcp

Related commands

mandatory-chap

reset l2tp tunnel

Use reset l2tp tunnel to disconnect tunnels and all sessions of the tunnels.

Syntax

reset l2tp tunnel { id tunnel-id | name remote-name }

Views

User view

Default command level

2: System level

Parameters

id tunnel-id: Specifies a tunnel by its local ID.

The following matrix shows the value range for the tunnel-id argument on different firewalls and UTM

devices:

Hardware Value ran

F1000-A-EI/F1000-S-EI 1 to 8192

F1000-E 1 to 8192

F5000 1 to 8192

Firewall module

1 to 1024 for 12500/10500 Enhanced FW and

1 to 8192 for others

U200-A 1 to 1024

U200-S 1 to 1024

name remote-name: Specifies tunnels by the tunnel name at the remote end, a case-sensitive string of 1

to 30 characters.