R0106-HP MSR Router Series Layer 3 - IP Services Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

331

332

333

334

335

336

337

338

339

340

322

Ste

Command

Remarks

4. Specify encryption algorithms.

encryption-algorithm { 3des-cbc |

aes-cbc-128 | aes-cbc-192 |

aes-cbc-256 | aes-ctr-128 |

aes-ctr-192 | aes-ctr-256 |

des-cbc | none } *

The default encryption algorithms

are AES-CBC-256, AES-CBC-192,

AES-CBC-128, AES-CTR-256,

AES-CTR-192, AES-CTR-128,

3DES-CBC, and DES-CBC in the

descending order of priority.

Configuring an authentication method

The VAM server uses the specified method to authenticate clients in the ADVPN domain. The VAM server

supports PAP and CHAP authentication.

If the specified ISP domain does not exist, the authentication will fail. A newly configured authentication

method does not affect registered VAM clients. It applies to subsequently registered VAM clients.

To configure an authentication method:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter ADVPN domain view.

vam server advpn-domain

domain-name [ id domain-id ]

N/A

3. Specify a client authentication

method.

authentication-method { none |

{ chap | pap } [ domain

isp-name ] }

By default, the authentication

method is CHAP, and the default

domain is used.

Configuring keepalive parameters

Keepalive parameters include a keepalive interval and a maximum number of keepalive attempts. The

VAM server assigns the configured keepalive parameters to clients in the ADVPN domain.

A client sends keepalives to the server at the specified interval. If a client receives no responses from the

server after maximum keepalive attempts, the client stops sending keepalives. If the VAM server receives

no keepalives from a client before the timeout timer expires, the server removes information about the

client and logs off the client. The timeout time is the product of the keepalive interval and keepalive

attempts.

Newly configured keepalive parameters do not affect registered VAM clients. They apply to subsequently

registered clients.

To configure keepalive parameters:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter ADVPN domain view.

vam server advpn-domain

domain-name [ id domain-id ]

N/A

3. Configure keepalive

parameters.

keepalive interval time-interval

retry retry-times

By default, the keepalive interval is

180 seconds, and the maximum

number of keepalive attempts is 3.