R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

241

242

243

244

245

246

247

248

249

250

238

Item Descri

tion

Tunnel Authentication

Enable or disable L2TP tunnel authentication in the group. If you enable

tunnel authentication, you need to set the authentication password.

The tunnel authentication request can be initiated by the LAC or LNS. Once

tunnel authentication is enabled on one end, a tunnel can be established if

tunnel authentication is also enabled on the other end and the passwords

configured on the two ends are the same and not null; if these requirements

cannot be satisfied, the tunnel initiator will tear down the tunnel connection

automatically. If tunnel authentication is disabled on both ends, the tunnel

authentication passwords configured will not take effect.

IMPORTANT:

• HP recommends enabling tunnel authentication on both ends of the

tunnel for security. You can disable tunnel authentication if you want to

test the network connectivity or let the local end receive connections

initiated by unknown peers.

• If you modify the tunnel authentication password when the tunnel is

working, you need to tear down the tunnel, so that the modified

authentication password can take effect when the tunnel is

reestablished.

Authentication Password

PPP

Authentication

Configuration

Authentication

Method

Select the authentication method for PPP users on the local end.

You can select PAP or CHAP. If you do not select an authentication method,

no authentication will be performed.

ISP Domain

Specify the ISP domain for PPP user authentication. You can perform the

following configurations:

• Click Add to enter the page for adding an ISP domain, as shown

in Figure 156. S

ee Table 24 for further details.

• Select an ISP domain and click Modify to enter the ISP domain

modification page. See Table 24 f

or configuration details.

• Select an ISP domain and click Delete to delete the ISP domain.

IMPORTANT:

• If you specify an ISP domain, the specified domain will be used for

authentication, and IP addresses must be assigned from the address

pool configured in the specified domain. See description on the User

Address parameter for details.

• If you do not specify any ISP domain, the system will check whether

domain information is carried in a username. If yes, the domain will be

used for authentication (if the domain does not exist, the authentication

will fail); otherwise, the default domain (system by default) will be used

for authentication.

PPP Address

PPP Server

IP/Mask

Specify the IP address and mask of the local end.

PPP Server

Zone

Specify the security zone to which the local end belongs.

If you do not select a zone, the global address pool will be used.