R3166-R3206-HP High-End Firewalls VPN Command Reference-6PW101
domain-name: Name of the domain initiating a connection request, a case-insensitive string of 1 to 30 characters.
user-name: Fully qualified name of the user initiating a connection request, a case-sensitive string of 1 to 32 characters.
Description
Use the start l2tp command to enable the firewall to initiate tunneling requests to one or more IP
addresses for one or more specified VPN users.
Use the undo start command to remove the configuration.
The start l2tp command is available only on LACs.
An LAC can initiate tunneling requests for users in a specified domain. For example, if the domain name
of a company is aabbcc.net, users with such a domain name are considered VPN users.
You can specify a single VPN user by giving the fully qualified name of the user.
When an LAC detects a VPN user, it initiates an L2TP tunneling request to the LNSs one by one, in their
configuration order, until an LNS acknowledges the request. That LNS is considered the tunnel peer.
Examples
# Initiate L2TP tunneling requests to LNS 202.1.1.1 for users in domain aabbcc.net.
<Sysname> system-view
[Sysname] l2tp-group 1
[Sysname-l2tp1] start l2tp ip 202.1.1.1 domain aabbcc.net
tunnel authentication
Syntax
tunnel authentication
undo tunnel authentication
View
L2TP group view
Default level
2: System level
Parameters
None
Description
Use the tunnel authentication command to enable the L2TP tunnel authentication function.
Use the undo tunnel authentication command to disable the L2TP tunnel authentication function.
By default, L2TP tunnel authentication is enabled.
Generally, authentication is required at both ends of a tunnel for the sake of security. However, you can
disable authentication when you are checking network connectivity or when the device must accept tunneling
requests from unknown tunnel peers.
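The following Python check is an added example, not part of the HP command reference. Because tunnel authentication is enabled by default, it flags every L2TP group whose saved configuration contains undo tunnel authentication and reports the LNS addresses named in that group's start l2tp line. The sample configuration, its layout (view lines unindented, sub-commands indented, # separators) and the 192.0.2.x addresses are constructed assumptions.

```python
import re

# Constructed sample of a saved configuration (not taken from the page).
# Assumed layout: a view line is unindented, its sub-commands are indented.
SAMPLE_CONFIG = """\
#
l2tp-group 1
 start l2tp ip 192.0.2.10 domain aabbcc.net
#
l2tp-group 2
 undo tunnel authentication
 start l2tp ip 192.0.2.20 domain aabbcc.net
#
l2tp-group 3
 undo tunnel authentication
#
"""

def audit_l2tp_groups(config_text):
    """Return {group: {"auth_enabled": bool, "lns": [ip, ...]}}."""
    groups, current = {}, None
    for raw in config_text.splitlines():
        line = raw.rstrip()
        view = re.fullmatch(r"l2tp-group (\d+)", line)
        if view:
            # Authentication is enabled by default in every L2TP group.
            current = groups.setdefault(
                int(view.group(1)), {"auth_enabled": True, "lns": []})
        elif not line.startswith(" "):
            current = None  # any other unindented line leaves the group view
        elif current is not None:
            cmd = line.strip()
            if cmd == "undo tunnel authentication":
                current["auth_enabled"] = False
            elif cmd == "tunnel authentication":
                current["auth_enabled"] = True
            elif cmd.startswith("start l2tp "):
                current["lns"] = re.findall(r"\bip (\S+)", cmd)
    return groups

def groups_without_auth(groups):
    """Group numbers where tunnel authentication has been disabled."""
    return sorted(n for n, g in groups.items() if not g["auth_enabled"])

if __name__ == "__main__":
    result = audit_l2tp_groups(SAMPLE_CONFIG)
    for number in groups_without_auth(result):
        peers = ", ".join(result[number]["lns"]) or "no start l2tp line"
        print(f"l2tp-group {number}: tunnel authentication disabled ({peers})")
```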
Examples
# Disable L2TP tunnel authentication.