Manualshelf

R3166-R3206-HP High-End Firewalls VPN Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
111112113114115116117118119120
110
Configuring L2TP connection parameters
These L2TP connection parameter configuration tasks apply to both LACs and LNSs and are optional.
Configuring L2TP tunnel authentication
You can enable tunnel authentication to allow the LAC and LNS to authenticate each other. Either the
LAC or the LNS can initiate a tunnel authentication request. To implement tunnel authentication, enable
tunnel authentication on both the LAC and LNS, and configure the same non-null password on them.
Follow these steps to configure L2TP tunnel authentication:
To do… Use the command…
Remarks
Enter system view
system-view
Enter L2TP group view l2tp-group group-number
Enable the L2TP tunnel
authentication function
tunnel authentication
Optional
Enabled by default
Configure the password for
tunnel authentication
tunnel password { simple | cipher }
password
Required
The password is null by default.
NOTE:
To ensure tunnel security, enable tunnel authentication.
To change the tunnel authentication password, do so after tearing down the tunnel. Otherwise, your
change does not take effect.
Setting the hello interval
To check the connectivity of a tunnel, the LAC and LNS regularly send each other hello packets. On
receipt of a hello packet, the LAC or LNS returns a response packet. If the LAC or LNS receives no hello
response packet from the peer within a specified period of time, it retransmits the hello packet. If it
receives no response packet from the peer after transmitting the hello packet three times, it considers the
L2TP tunnel is down and tries to re-establish a tunnel with the peer.
Follow these steps to set the hello interval:
To do… Use the command…
Remarks
Enter system view
system-view
Enter L2TP group view l2tp-group group-number
Set the hello interval tunnel timer hello hello-interval
Optional
60 seconds by default
Enabling tunnel flow control
The L2TP tunnel flow control function controls data packet transmission by buffering and adjusting data
packets that arrive out of order.
Follow these steps to enable tunnel flow control:
To do… Use the command…
Remarks
Enter system view
system-view
Enter L2TP group view l2tp-group group-number