3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

211

212

213

214

215

216

217

218

219

220

DVPN Configuration 213

Basic DVPN

Configuration

Enabling/Disabling DVPN

Perform these operations to enable/disable DVPN. If you disable DVPN on a DVPN

server, the existing DVPN sessions are removed after they time out.

Perform the following configuration in system view on a client or a DVPN server.

DVPN is enabled by default.

Configuring the pre-shared-key

Perform these operations to configure/remove authentication information

(pre-shared-key) on a DVPN server. If a client authenticates using a pre-shared-key,

it specifies the pre-shared-key the DVPN server to be accessed uses. The specified

pre-shared-key must be identical to the one the DVPN server owns.

Perform the following configuration in system view on a DVPN server.

Pre-shared-keys are not configured by default.

Configuring how to authenticate a client

At present, PAP (password authentication protocol) and CHAP (challenge

authentication protocol) are available for a DVPN server to authenticate a clients

that attempt to access the DVPN domain. After you perform this operation to

specify how a DVPN server authenticates a client, a DVPN server authenticates

clients in the specified way if it has no DVPN policy applied.

Perform the following configuration in system view on a DVPN server.

A DVPN server does not authenticate clients by default.

Configuring the map age time

You can limit the number of maps by configuring the map age time. For clients

that cannot successfully register with the DVPN server, the related maps are

removed when the map age time expires.

Perform the following configuration in system view.

Tab le 216 Enable/Disable DVPN

Operation Command

Enable DVPN dvpn service enable

Disable DVPN undo dvpn service enable

Tab le 217 Configure the pre-shared-key for a DVPN server

Operation Command

Configure a pre-shared-key dvpn server pre-shared-key key

Remove a pre-shared-key undo dvpn server pre-shared-key

Tab le 218 Configure how to authenticate a client

Operation Command

Configure how to authenticate a client

dvpn server authentication-client method

{ none | { chap | pap } [ domain isp-name ] }