Manualshelf

R3721-F3210-F3171-HP High-End Firewalls VPN Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
121122123124125126127128129130
116
connected to the VPN through an NAS-initialized tunnel: one on the NAS side and the other on the LNS
side. Some PPP clients may not support the second authentication. In this case, the LNS-side CHAP
authentication will fail.
Related commands: mandatory-lcp.
Examples
# Perform CHAP authentication by force.
<Sysname> system-view
[Sysname] l2tp-group 1
[Sysname-l2tp1] mandatory-chap
mandatory-lcp
Syntax
mandatory-lcp
undo mandatory-lcp
View
L2TP group view
Default level
2: System level
Parameters
None
Description
Use mandatory-lcp to force an LNS to perform LCP negotiation with users.
Use undo mandatory-lcp to disable the LCP negotiation.
By default, an LNS does not perform LCP negotiation with users.
When starting a PPP session, a client of NAS-initialized VPN will first negotiate with the network access
server (NAS) for LCP parameters. If the negotiation succeeds, the NAS initializes a tunnel and then
transfers the negotiated results to the LNS. Then the LNS verifies whether the client is valid depending on
the proxy authentication information. You can use the mandatory-lcp command to force the LNS to
perform LCP re-negotiation for the client. In this case, the proxy authentication information of the NAS will
be neglected. Some PPP clients may not support LCP re-negotiation. In this case, the LCP re-negotiation
will fail.
Related commands: mandatory-chap.
Examples
# Perform LCP negotiation by force.
<Sysname> system-view
[Sysname] l2tp-group 1
[Sysname-l2tp1] mandatory-lcp