3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

121

122

123

124

125

126

127

128

129

130

LNS Configuration 121

mandatory CHAP authentication, the system uses the address pool configured in

domain view for address assignment; if LNS adopts mandatory LCP re-negotiation,

the system uses the global address pool for address assignment.

These configurations are required on LNS side.

Perform the following configuration in virtual template interface view.

If you do not assign a value to the pool-number parameter behind the keyword

pool when specifying an address pool, the system will use the default address

pool for assignment.

By default, addresses will be assigned to the peer end from address pool 0 (default

address pool).

Setting Username,

Password and User

Authentication

On LNS side, if mandatory CHAP authentication has been configured, it needs to

configure local registered username and password on LNS side.

LAC performs user authentication to determine whether a user is a valid VPN user

by comparing remote dial-in username and password with usernames and

passwords registered at the local end. If the authentication passes, the VPN user is

allowed to communicate with LNS; if it fails, L2TP will be notified to clear the L2TP

connection.

These configurations are optional on LNS side. For more information on how to

configure them, refer to the section

“Setting Username, Password and Local User

Authentication” “Setting Username, Password and Local User Authentication”.

Disconnecting an L2TP

Connection

A connection can be disconnected for one of these reasons: no user is present,

fault occurs on the network, or the administrator requests to do so.

Both LAC side and LNS side can start disconnection. After a Tunnel is

disconnected, the control connection and sessions on it are cleared. This Tunnel

can be set up when a new user dials in.

These configurations are optional on LNS side.

Perform the following configurations in user view.

Tab le 113 Set local address and assigned address pool

Operation Command

Set local IP address ip address X.X.X.X netmask

Remove the local IP address undo ip address X.X.X.X netmask

Specify an address pool for remote address

assignment

remote address { pool pool-number |

X.X.X.X }

Delete the address pool for remote address

assignment

undo remote address

Tab le 114 Disconnect a connection by force

Operation Command

Disconnect a Tunnel reset l2tp tunnel { name remote-name | id tunnel-id }