R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

241

242

243

244

245

246

247

248

249

250

239

Item Descri

tion

User Address

Specify the address pool for assigning IP addresses to users on the peer

end, or assign an IP address to a user directly.

If you have specified an ISP domain in PPP authentication configuration,

the address pools in the ISP domain will be listed in the User Address list.

You can perform the following configurations:

• Click Add to add an address pool, as shown in Figure 157. See Table

25 for further details.

• Select an address pool and click Modify to enter the address pool

modification page. See Table 25 f

or configuration details.

• Select an address pool and click Delete to delete the address pool.

Assign

Address

Forcibly

Specify whether to force the peer end to use the IP address assigned by the

local end. If you enable this function, the peer end is not allowed to use its

locally configured IP address.

Advanced

Configuration

Hello Interval

Specify the interval between sending hello packets.

To check the connectivity of a tunnel, the LAC and LNS regularly send Hello

packets to each other. Upon receipt of a Hello packet, the LAC/LNS

returns a response packet. If the LAC or LNS receives no Hello response

packet from the peer within a specific period of time, it retransmits the

Hello packet. If it receives no response packet from the peer after

transmitting the Hello packet for three times, it considers that the L2TP

tunnel is down and tries to re-establish a tunnel with the peer.

The Hello intervals on the LAC and LNS ends of the tunnel can be different.

AVP Hidden

Specify whether to transfer attribute value pair (AVP) data in hidden mode.

With L2TP, some parameters are transferred as AVP data. You can

configure an LAC to transfer AVP data in hidden mode, so that AVP data

is encrypted before transmission for higher security.

This configuration takes effect only on an LAC.

Flow Control

Specify whether to enable flow control for the L2TP tunnel.

The L2TP tunnel flow control function is for control of data packets in

transmission. The flow control function helps in buffering and adjusting the

received out-of-order data packets.

Mandatory

CHAP

Specify user authentication on the LNS end.