Cisco Cisco Packet Data Gateway (PDG) トラブルシューティングガイド
L2TP Network Server
LNS Service Operation ▀
Cisco ASR 5000 Series Enhanced Feature Configuration Guide ▄
OL-22982-01
Required Information
Description
Authentication
protocols used
protocols used
Specifies how the system handles authentication: using a protocol (such as CHAP, PAP, or MSCHAP),
or not requiring any authentication.
or not requiring any authentication.
Domain alias for NAI-
construction
construction
Specifies a context name for the system to use to provide accounting functionality for a subscriber
session. This parameter is needed only if the system is configured to support no authentication.
session. This parameter is needed only if the system is configured to support no authentication.
Maximum number of
sessions per tunnel
sessions per tunnel
This defines the maximum number of sessions supported by each tunnel facilitated by the LNS service.
The number can be configured to any integer value from 1 to 65535. The default is 65535.
The number can be configured to any integer value from 1 to 65535. The default is 65535.
Maximum number of
tunnels
tunnels
This defines the maximum number of tunnels supported by the LNS service.
The number can be configured to any integer value from 1 to 32000. The default is 32000.
The number can be configured to any integer value from 1 to 32000. The default is 32000.
Peer LAC
IP address or network prefix and mask:
The IP address of a specific peer LAC for which the LNS service terminates L2TP tunnels. The IP
address must be expressed in dotted decimal notation. Multiple peer LACs can be configured.
Alternately, to simplify configuration, a group of peer LACs can be specified by entering a network
prefix and a mask.
The IP address of a specific peer LAC for which the LNS service terminates L2TP tunnels. The IP
address must be expressed in dotted decimal notation. Multiple peer LACs can be configured.
Alternately, to simplify configuration, a group of peer LACs can be specified by entering a network
prefix and a mask.
Secret:
The shared secret used by the LNS to authenticate the peer LAC. The secret can be from 1 to 256 alpha
and/or numeric characters and is case sensitive.
The shared secret used by the LNS to authenticate the peer LAC. The secret can be from 1 to 256 alpha
and/or numeric characters and is case sensitive.
AAA Interface Configuration
AAA interface name
This is an identification string between 1 and 79 characters (alpha and/or numeric) by which the
interface will be recognized by the system.
Multiple names are needed if multiple interfaces will be configured.
AAA interfaces will be configured in the source context.
interface will be recognized by the system.
Multiple names are needed if multiple interfaces will be configured.
AAA interfaces will be configured in the source context.
IP address and subnet
These will be assigned to the AAA interface.
Multiple addresses and/or subnets are needed if multiple interfaces will be configured.
Multiple addresses and/or subnets are needed if multiple interfaces will be configured.
Physical port number
A single physical port can facilitate multiple interfaces.
Physical port
description
description
This is an identification string between 1 and 79 characters (alpha and/or numeric) by which the physical
port will be recognized by the system.
Multiple descriptions are needed if multiple ports will be used.
Physical ports are configured within the source context and are used to bind logical AAA interfaces.
port will be recognized by the system.
Multiple descriptions are needed if multiple ports will be used.
Physical ports are configured within the source context and are used to bind logical AAA interfaces.
Gateway IP address
Used when configuring static routes from the AAA interface(s) to a specific network.
RADIUS Server Configuration
RADIUS
Authentication server
Authentication server
IP Address:
Specifies the IP address of the RADIUS authentication server the source context will communicate with
to provide subscriber authentication functions.
Multiple addresses are needed if multiple RADIUS servers will be configured.
RADIUS authentication servers are configured within the source context. Multiple servers can be
configured and each assigned a priority.
Specifies the IP address of the RADIUS authentication server the source context will communicate with
to provide subscriber authentication functions.
Multiple addresses are needed if multiple RADIUS servers will be configured.
RADIUS authentication servers are configured within the source context. Multiple servers can be
configured and each assigned a priority.
Shared Secret:
The shared secret is a string between 1 and 15 characters (alpha and/or numeric) that specifies the key
that is exchanged between the RADIUS authentication server and the source context.
A shared secret is needed for each configured RADIUS server.
The shared secret is a string between 1 and 15 characters (alpha and/or numeric) that specifies the key
that is exchanged between the RADIUS authentication server and the source context.
A shared secret is needed for each configured RADIUS server.