Filter
Top Products
CLI Commands B-33
set tunnel <tunnel_
name>encryption_algori
thm [AUTO |
MICROSOFT_128BIT |
MICROSOFT_40BIT |
MICROSOFT_56BIT |
NONE | REQUIRED]
Sets encryption for a PPTP or L2TP tunnel.
Encryption can be set to any of the parameters shown in the Table below.
However, a tunnel can only be configured for Microsoft 40-bit, 56-bit, and
128-bit encryption (MPPE) if the MSCHAPv1 authentication protocol is set to
enabled. To enable MSCHAPv1, enter the set ppp receive_authentication
command and specify the MSCHAPv1 option.
The OCR 812 implementation of MPPE (Microsoft Point-to-Point Encryption) will
not work if MSCHAPv2 authentication is required by the server (to use MPPE, you
must set your system to use MSCHAPv1).
If you must authenticate with MSCHAPv2, we suggest you set encryption to
NONE (otherwise, it may be impossible to connect to sites that require MSCHAPv2
authentication).
MPPE Options:
MPPE (Microsoft Point-to-Point Encryption protocol) does not support encryption
for L2TP tunnels.
set ppp echo_retries
<number>
Sets the number of PPP echo request retries that will be attempted before
declaring a PPP link down. When set to a non-zero value, PPP echo requests will
periodically be sent on all active PPP links. If a <number> consecutive PPP echo
responses are not received, the PPP link will be declared down. The maximum
<number> of PPP echo retries is 10. When set to 0 (the default), no PPP echo
requests will be sent - the feature is disabled.
set snmp community
<community_name>
address [IP_address]
access [RO | RW]
Modifies parameters for an SNMP authorized user. The community name and IP
address of SNMP requests from managers on the network must match the list,
which you can see using list snmp communities.
Parameter Description
AUTO Use whatever type of encryption is requested.
MICROSOFT_128BIT Use the strongest level of MPPE encryption.
MICROSOFT_40BIT Use the weakest level of MPPE encryption.
MICROSOFT_56BIT Use the medium level of MPPE encryption.
NONE Use no encryption. This is the default encryption setting.
REQUIRED Some type of encryption is required. If at any time encryption is (or
becomes) unavailable, the tunnel link is terminated.
Parameter Description
<community_name> Group designation authorizing SNMP requests.
address IP address of the SNMP manager, in the form nnn.nnn.nnn.nnn
access Determines what type of access to SNMP MIBs the added user will
have. Options are Read Only (RO) and Read Write (RW).