3com 3031 Instruccion De Instalación
896
C
HAPTER
63: C
ONFIGURATION
OF
L2TP
whether users are legal VPN users. After passing the authentication,
communication between VPN users and LNS users can be created. Otherwise,
L2TP will be notified to clear the L2TP link.
communication between VPN users and LNS users can be created. Otherwise,
L2TP will be notified to clear the L2TP link.
Regarding user ID authentication on LNS side, usernames are in the following two
kinds of forms:
kinds of forms:
■
Username is VPN full username, and password is VPN user registered password
■
Username is “username+domain name”, and password is VPN user registered
password
password
These configurations are optional on LNS side.
Perform the following configuration in system view.
Perform the following configuration in virtual template view.
By default, local username and password are not configured on LNS side.
Forcing to disconnect
Tunnel
Tunnel clearing process occurs when there is no user, or there is failure in network
or the administrator disconnect the tunnel on his own initiative. Either LAC side or
LNS side can send request for clearing tunnel initiatively. The side receiving clearing
request must send acknowledgement (ACK) information, and wait for a certain
period of time before clearing tunnel, so as to ensure resent clearing request from
the peer end can be correctly received in case that ACK information is lost. After
disconnecting tunnel compulsorily, all control connection and session connection
in the tunnel will also be cleared. After the tunnel is disconnected, it can be
recreated when new users dial up.
or the administrator disconnect the tunnel on his own initiative. Either LAC side or
LNS side can send request for clearing tunnel initiatively. The side receiving clearing
request must send acknowledgement (ACK) information, and wait for a certain
period of time before clearing tunnel, so as to ensure resent clearing request from
the peer end can be correctly received in case that ACK information is lost. After
disconnecting tunnel compulsorily, all control connection and session connection
in the tunnel will also be cleared. After the tunnel is disconnected, it can be
recreated when new users dial up.
These configurations are optional on LNS side.
Perform the following in the User View.
Table 968 Setting user name, password and authentication mode
Operation
Command
Set user name and password.
local-user username password { simple |
cipher } password
Clear the set user name and
password.
password.
undo local-user username
Enable AAA
aaa enable
Configure authentication method
list of PPP user
list of PPP user
aaa authentication-scheme ppp { default |
list-name } local
Table 969 Configuring/removing user authentication types
Operation
Command
Configure user authentication
ppp authentication-mode { chap | pap } [
callin ] [ scheme { default | list-name
}
]
Remove user authentication
undo ppp authentication-mode
Table 970 Forcing to disconnect Tunnel
Operation
Command
Force to disconnect Tunnel
reset l2tp tunnel
{
remote-name | tunnel-id }