Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1311131213131314131513161317131813191320
A-86
Command-Line Reference
Global Configuration Context
Note Before you configure L2TP to use the RADIUS server, you should configure
the RADIUS server that the TMS zl Module uses to provide user authentication
and authorization. Enter the following command to specify the RADIUS
server:
Syntax: radius-server host <host IP address> secret <secret key> nas-id <NAS IP
address or hostname> [domain-name <domain name> [strip-domain]]
Replace <host IP address> with the IP address of the RADIUS server.
Replace <secret key> with your RADIUS servers secret key.
Replace <NAS ID> with the TMS zl Module’s NAS ID on your network.
If you choose to enter the domain-name option, replace <domain name> with
the domain name associated with your RADIUS server.
See “radius-server” on page A-105 for complete information.
To use a RADIUS server to authenticate L2TP clients and to specify the TMS
zl Module’s virtual L2TP server IP address, enter the following command:
Syntax: l2tp radius-auth <L2TP server address>
Replace <L2TP server address> with the IP address that the TMS zl Module
will use in its role as L2TP server. This IP address is not part of an existing
TMS VLAN or subnet in your network.
Your RADIUS server might provide IP settings to L2TP clients authenticating
to the domain associated with it. However, if it does not, you must configure
the TMS zl Module to specify these settings. Enter the following command to
set the IP address pool, DNS server, and WINS server (you must specify the
RADIUS server with the radius-server host command before entering this
command):
Syntax: l2tp radius-auth domain-config <domain name> ip-pool <start IP address>
<end IP address> [dns primary <DNS server address> [secondary <DNS server
address>]] [wins primary <WINS server address> [secondary <WINS server
address>]]
Replace <domain name> with the domain name that you specified for the
RADIUS server in the radius-server host command. If this RADIUS server
is not assigned to a specific domain—you did not include the domain-name
option when you entered that command—replace <domain name> with
global.