Support User Manuals

3Com 10014299 Network Router User Manual

Open as PDF

of 762

612 CHAPTER 43: CONFIGURING L2TP

■ LAC and LNS authenticate each other.

It can be found that either LAC or LNS can originate tunnel authentication

request. However, if one side enables the tunnel authentication, the tunnel can be

established only when the passwords on both ends of the tunnel are exactly the

same. If tunnel authentication is disabled on both ends, whether or not the tunnel

authentication passwords are the same will make no sense.

Perform the following configurations in L2TP group view.

Table 676 Set Tunnel Authentication and Password

Tunnel authentication is enabled by default. If no tunnel authentication password

is configured, the host name of the router will act as the tunnel authentication

password. In order to ensure tunnel security, users are recommended not to

disable tunnel authentication.

To ensure the tunnel security, it is recommended that the user should not disable

tunnel authentication.

The tunnel authentication password is the router host name, so you must

manually configure the tunnel authentication password after the authentication is

enabled, and ensure that the password at the LAC side is the same as that at the

LNS side.

Configure the Interval

for Sending Hello

Messages

This configuration is available to LAC and LNS.

To detect the connectivity of the tunnel between LAC and LNS, both the LAC and

the LNS will regularly send Hello messages to the peer and the receiving end will

make responses upon receiving. If the LAC or LNS does not receive the Hello

response within the specified interval, the Hello messages will be repeatedly sent.

It no response message from the peer is received after three Hello messages are

sent, the local end will assume the L2TP tunnel has already been disconnected. In

order to restore connectivity between the LAC and LNS, a new tunnel will have to

be established.

Perform the following configurations in L2TP group view.

Table 677 Set the Interval for Sending Hello Message

Operation Command

Enable tunnel authentication tunnel authentication

Disable tunnel authentication. undo tunnel authentication

Set the password of tunnel

authentication.

tunnel password { simple | cipher }

password

Remove the password of tunnel

authentication.

undo tunnel password

Operation Command

Set the interval for sending tunnel hello

packet

tunnel timer hello hello-interval

Restore the interval for sending tunnel

hello packet

undo tunnel timer hello

previous next