3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

341

342

343

344

345

346

347

348

349

350

350 CHAPTER 20: L2TP CONFIGURATION COMMANDS

from the LNS within the specified period, LAC will take it as the peer end of the

tunnel. If not, LAC will send tunnel connection request to the next LNS.

Conflicts may exist between these VPN user judgment ways. For example, LNS

address specified according to full username is 1.1.1.1, while that according to

domain name is 1.1.1.2. To avoid situations like this, a user searching order is

necessary to be specified. The system always starts a search by looking for the

specified L2TP group by full username; if finding no match, it continues the search

by domain name.

Example

# Specify the users using the domain name of "3Com.com" to be VPN users, with

IP address of the L2TP access server of the headquarters being 202.38.168.1.

[SecBlade VPN-l2tp1] start l2tp ip 202.38.168.1 domain 3com.com

start l2tp tunnel Syntax

start l2tp tunnel

View

L2TP group view

Parameter

None

Description

Use the start l2tp tunnel command to enable the L2TP LAC to start a L2TP tunnel

connection.

This command is used only on LAC side.

Related command: tunnel keepstanding.

Example

# Enable the LAC to start a L2TP tunnel connection in the input order of the LNSs.

Let the LAC request the LNS at 1.1.1.1 first and then the LNS at 2.2.2.2 if no

response is received.

[SecBlade VPN-l2tp1] start l2tp ip 1.1.1.1 ip 2.2.2.2 fullusername vpdnuser

[SecBlade VPN-l2tp1] start l2tp tunnel

CAUTION: You must use this command in conjunction with the tunnel

keepstanding command. Otherwise, the tunnel will be torn down immediately

after it is set up.

tunnel authentication Syntax

tunnel authentication

undo tunnel authentication

View

L2TP group view