R3721-F3210-F3171-HP High-End Firewalls VPN Command Reference-6PW101

109

L2TP configuration commands

NOTE:

The term "router" in this chapter refers to both routers and firewalls running routing protocols.

allow l2tp

Syntax

allow l2tp virtual-template virtual-template-number remote remote-name [ domain domain-name ]

undo allow

View

L2TP group view

Default level

2: System level

Parameters

virtual-template-number: Number of the virtual template interface for creating a virtual access (VA)

interface, in the range of 0 to 1023.

remote-name: Name of the tunnel peer initiating a connection request, a case-sensitive string of 1 to 30

characters.

domain-name: Name of the domain initiating a connection request, a case-insensitive string of 1 to 30

characters.

Description

Use allow l2tp to specify the virtual template interface for receiving calls, the tunnel name on the LAC,

and the domain name.

Use undo allow to remove the configuration.

By default, an LNS denies all incoming calls.

The domain domain-name combination is required in L2TP multi-instance applications.

The remote remote-name combination is optional for L2TP group 1, the default L2TP group. For L2TP

group 1, the syntax of the command is allow l2tp virtual-template virtual-template-number [ remote

remote-name ] [ domain domain-name ]. A peer with any name can initiate a tunneling request.

If you specify the remote remote-name combination for L2TP group 1, L2TP group 1 will not serve as the

default L2TP group.

In Windows 2000 beta 2, if the local end name for the VPN connection is null, the peer name received

by the router is null, too. You can configure a default L2TP group to test the connectivity and receive the

tunneling request initiated by such an unknown remote end.

The allow l2tp command is available for only LNSs. If the tunnel name on the LAC is specified, make sure

that it is the same as the tunnel name configured on the LAC.