3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

101

102

103

104

105

106

107

108

109

110

108 CHAPTER 8: CONFIGURATION OF L2TP

12 If local mandatory CHAP authentication is configured at LNS, LNS will authenticate

the VPN user by sending CHAP challenge and the VPN user at PC sends back

responses;

13 LNS resends this access request to RADIUS for authentication;

14 RADIUS server re-authenticates this access request and sends back a response if

authentication is successful;

15 The authentication passes and the VPN user can use the internal resources of the

enterprise.

LAC Configuration Concerning L2TP configuration, configuration of LAC side differs from that of LNS

side. This section mainly covers the configuration of LAC side. In configuration

task list, L2TP must be enabled and L2TP group must be created before any other

functions can be configured. For detailed introduction to related PPP configuration

commands, refer to the chapters and sections for them.

Configuration tasks at LAC side include:

■ Enable L2TP (required)

■ Create L2TP group (required)

■ Set the condition triggering L2TP Tunnel setup request and LNS addresses

(required)

■ Set local name (optional)

■ Set Tunnel authentication and password (optional)

■ Set the transmission mode of AVP data (optional)

■ Set Hello interval in the Tunnel.(optional)

■ Set user name and password and configure user authentication (required)

■ Disconnect Tunnel by force (optional)

■ Enable/disable the flow control function of the Tunnel (optional)

■ Set L2TP session idle-timeout timer (optional)

■ Configure the Tunnel-hold function of L2TP (optional)

■ Set the LAC to function as client (optional)

Enabling L2TP Only after L2TP is enabled can L2TP functions on the security gateway work

normally. If L2TP is disabled, the security gateway cannot provide related functions

even if parameters of L2TP have been configured.

These configurations are compulsory on LAC side.

Perform the following configuration in system view.

Tabl e 84 Enable/disable L2TP

Operation Command

Enable L2TP l2tp enable

Disable L2TP undo l2tp enable