R3166-R3206-HP High-End Firewalls VPN Command Reference-6PW101

L2TP configuration commands

allow l2tp

Syntax

allow l2tp virtual-template virtual-template-number remote remote-name [ domain domain-name ]

undo allow

View

L2TP group view

Default level

2: System level

Parameters

virtual-template-number: Number of the virtual interface template for creating a virtual access (VA)

interface, in the range of 0 to 1023.

remote-name: Name of the tunnel peer initiating a connection request, a case sensitive string of 1 to 30

characters.

domain-name: Name of the domain initiating a connection request, a case insensitive string of 1 to 30

characters.

Description

Use the allow l2tp command to specify the virtual interface template for receiving calls, the tunnel name

on the LAC, and the domain name.

Use the undo allow command to remove the configuration.

By default, an LNS denies all incoming calls.

The domain domain-name combination is required in L2TP multi-instance applications.

The remote remote-name combination is optional for L2TP group 1, the default L2TP group. In other

words, for L2TP group 1, the syntax of the command is allow l2tp virtual-template

virtual-template-number [ remote remote-name ] [ domain domain-name ]. A peer with any name can

initiate a tunneling request.

If you specify the remote remote-name combination for L2TP group 1, L2PT group 1 will not serve as the

default L2TP group.

In Windows 2000 beta 2, if the local end name for the VPN connection is null, the peer name received

by the firewall is null, too. You can configure a default L2TP group to test the connectivity and receive the

tunneling request initiated by such an unknown remote end.

The allow l2tp command is available for only LNSs. If the tunnel name on the LAC is specified, ensure

that it is the same as the tunnel name configured on the LAC.

Related commands: l2tp-group.