Support User Manuals

3Com 10014299 Network Router User Manual

Open as PDF

of 762

Basic Configuration at LAC 607

Table 666 Create/Delete a L2TP Group

Originate L2TP

Connection Request and

Configure LNS Address

After a dial-up user passes VPN authentication successfully, LAC conveys the

request of creating tunnel to a designated LNS. Besides the IP address of the LNS,

LAC can fulfill authentication for 3 types (namely, 3 triggering conditions) of

dial-up users based on this configuration: full user name (fullusername), user

with a particular domain (domain) and called number (dnis). A maximum of 5

LNSs can be configured and LNSs will be searched for according to the address

order configured.

Perform the following configurations in L2TP group view.

Table 667 Originate L2TP Connection Request and LNS Address

There is no default value. One triggering condition must be configured.

Configure AAA and

Local Users

When configuring the AAA at LAC side, the local user name and password should

be configured at LAC side if the local (authenticating locally) mode is selected.

LAC will authenticate remote dial-in user name and password to see whether they

are compliant with the local registered user name and password, and hence to

check whether these users are legal VPN users. Only after passing authentication

successfully, can the request of establishing tunnel connection be processed,

otherwise the user will be turned to services of other types except VPN.

When user ID authentication is implemented at LAC side, user name can be given

in by the following means:

■ Adopting the authentication based on particular domain (domain), the local

user name and password configured are respectively the full user name and

password registered.

■ Adopting the authentication based on full user name (fullusername), the local

user name configured is the domain name of the VPN user and the user's

password.

Perform the ppp authentication-mode configuration in interface view and make

the other configurations in system view.

Operation Command

Create a L2TP group l2tp-group group-number

Delete a L2TP group. undo l2tp-group group-number

Operation Command

Configure to authenticate whether the

user is a VPN user and set the IP address of

the corresponding LNS

start l2tp { ip ip-address [ ip

ip-address … ] } { domain domain-name

| dnis dialed-number | fullusername

user-name }

Remove the connection request

configuration

undo start l2tp [ ip ip-address ]

previous next