TMS zl Management and Configuration Guide ST.1.1.100226
Command-Line Reference
L2TP User Context
Example L2TP over IPsec VPN with Local Authentication
The following is the complete command set to create the L2TP over IPsec VPN with the parameters detailed in Table A-45. In this example, L2TP users authenticate to local accounts on the TMS zl Module. Note that these commands do not include those for creating necessary routes or firewall access policies.
Table A-45. Policy Parameters Used in This Configuration

Parameter                    TMS zl Module Setting
---------------------------  -------------------------------
User Group
  User group                 l2tpusers
IKEv1 Policy—L2tpIke
  Type of policy             Client-to-Site
  Local gateway              VLAN 20
  Remote gateway             n/a
  Local ID                   IP address—172.16.20.103
  Remote ID                  IP address—0.0.0.0
  Key exchange mode          Main
  Authentication method      Pre-shared key—procurvetestvpn
  Diffie-Hellman group       Group 2 (1024)
  Encryption algorithm       3DES
  Authentication algorithm   MD5
  SA lifetime (SA life)      28800
  XAUTH                      Disabled*
IPsec Proposal—TransESP
  Encapsulation mode         Transport mode
  Security protocol          ESP
  Encryption algorithm       3DES
  Authentication algorithm   MD5
IPsec Policy—L2tpIpsec
  Protocol                   UDP
  Local address              172.16.20.103
  Local port                 1701
  Remote address             Any
  Remote port                1701
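
As an added illustration (not part of the guide and not TMS zl code), the Python sketch below applies the L2tpIpsec traffic selector from Table A-45 to packet 5-tuples to show which traffic the transport-mode ESP policy selects. The Selector class, the function names, and the sample packets are constructed for this example; only the selector values come from the table.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Selector:                      # hypothetical helper, not a TMS zl object
    protocol: str
    local_addr: str                  # single address, CIDR, or "any"
    local_port: Optional[int]        # None means any port
    remote_addr: str
    remote_port: Optional[int]

# Selector values from Table A-45, IPsec Policy L2tpIpsec.
L2TP_IPSEC = Selector("udp", "172.16.20.103", 1701, "any", 1701)

def _addr_ok(rule: str, addr: str) -> bool:
    return rule == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(rule)

def _port_ok(rule: Optional[int], port: int) -> bool:
    return rule is None or rule == port

def selected(sel, proto, src, sport, dst, dport):
    """Return 'inbound', 'outbound', or None for one packet 5-tuple."""
    if proto.lower() != sel.protocol:
        return None
    # Inbound: the packet's destination is the policy's local side.
    if (_addr_ok(sel.local_addr, dst) and _port_ok(sel.local_port, dport)
            and _addr_ok(sel.remote_addr, src) and _port_ok(sel.remote_port, sport)):
        return "inbound"
    # Outbound: the packet's source is the policy's local side.
    if (_addr_ok(sel.local_addr, src) and _port_ok(sel.local_port, sport)
            and _addr_ok(sel.remote_addr, dst) and _port_ok(sel.remote_port, dport)):
        return "outbound"
    return None

# Constructed sample packets; 203.0.113.10 is a documentation address.
SAMPLES = [
    ("udp", "203.0.113.10", 1701, "172.16.20.103", 1701),   # L2TP from client
    ("udp", "172.16.20.103", 1701, "203.0.113.10", 1701),   # L2TP reply
    ("udp", "203.0.113.10", 500, "172.16.20.103", 500),     # IKE negotiation
    ("tcp", "203.0.113.10", 1701, "172.16.20.103", 1701),   # wrong protocol
    ("udp", "203.0.113.10", 40000, "172.16.20.103", 1701),  # remote port not 1701
]

def classify_samples():
    return [selected(L2TP_IPSEC, *pkt) for pkt in SAMPLES]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLES, classify_samples()):
        print(pkt, "->", verdict or "not selected by L2tpIpsec")
```

Only the two UDP 1701-to-1701 packets match; the IKE, TCP, and high-source-port packets fall outside this selector.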