R0106-HP MSR Router Series Layer 2 - WAN Configuration Guide(V7)
71
Configuring optional L2TP parameters
The optional L2TP parameter configuration tasks apply to both LACs and LNSs.
Configuring L2TP tunnel authentication
You can enable tunnel authentication to allow the LAC and LNS to authenticate each other. Either the
LAC or the LNS can initiate a tunnel authentication request. To implement tunnel authentication, enable
tunnel authentication on both the LAC and LNS, and configure the same non-null key on them.
To ensure tunnel security, enable tunnel authentication.
Change the tunnel authentication key before tunnel negotiation is performed. Otherwise, your change
does not take effect.
To configure L2TP tunnel authentication:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter L2TP group view.
l2tp-group group-number [ mode { lac
| lns } ]
N/A
3. Enable L2TP tunnel
authentication.
tunnel authentication
Enabled by default.
4. Configure the tunnel
authentication key.
tunnel password { cipher | simple }
password
By default, no key is configured.
Setting the Hello interval
To check the connectivity of a tunnel, the LAC and LNS periodically send each other Hello packets. At
receipt of a Hello packet, the LAC or LNS returns a response packet. If the LAC or LNS receives no
response packets from the peer within a specific period of time (the Hello interval), it retransmits the Hello
packet. If it receives no response packets from the peer after transmitting the Hello packet five times, it
considers the L2TP tunnel to be down.
To set the Hello interval:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter L2TP group view.
l2tp-group group-number [ mode { lac
| lns } ]
N/A
3. Set the Hello interval.
tunnel timer hello hello-interval The default setting is 60 seconds.
Enabling session flow control
The L2TP session flow control function adds sequence numbers to transmitted packets, and uses them to
reorder packets arriving out of order and to detect lost packets.
This function takes effect on both sent and received L2TP data messages. The L2TP sessions support this
function if either the LAC or LNS is enabled with this function.