Motorola Enterprise Series Routers 用户手册
5-6 Administrator’s Handbook
Note:
Motorola Netopia® Embedded Software Version 8.7.4 suppor ts 128-bit (“strong”) encr yption. Unlike
MS-CHAP version 1, which suppor ts one-way authentication, MS-CHAP version 2 suppor ts mutual
authentication between connected gateways and is incompatible with MS-CHAP version 1 (MS-CHAP-V1). When
you choose MS-CHAP as the authentication method for the PPTP tunnel, the Motorola Netopia
authentication between connected gateways and is incompatible with MS-CHAP version 1 (MS-CHAP-V1). When
you choose MS-CHAP as the authentication method for the PPTP tunnel, the Motorola Netopia
®
Router will star t
negotiating MS-CHAP-V2. If the gateway you are connecting to does not suppor t MS-CHAP-V2, it will fall back to
MS-CHAP-V1, or, if the gateway you are connecting to does not suppor t MPPE at all, the PPP session will be
dropped.
MS-CHAP-V1, or, if the gateway you are connecting to does not suppor t MPPE at all, the PPP session will be
dropped.
•
You can specify a Send Host Name which is used with Send Secret for authenticating with a remote PNS
when the profile is used for initiating a tunnel connection.
when the profile is used for initiating a tunnel connection.
•
You must specify a Send Password (the CHAP and MS-CHAP term for password), used for authenticating
the tunnel when initiating a tunnel connection.
the tunnel when initiating a tunnel connection.
•
You can specify a Receive Host Name which is used with the Receive Secret for authenticating a remote
PPTP client.
PPTP client.
•
You must specify a Receive Password, used for authenticating the remote PPTP client.
•
You can specify that this Router will Initiate Connections (acting as a PAC) or only answer them (acting as
a PNS).
a PNS).
•
Tunnels are normally initiated On Demand; however, you can disable this feature. When disabled, the
tunnel must be manually established or may be scheduled using the scheduled connections feature. See
tunnel must be manually established or may be scheduled using the scheduled connections feature. See
.
•
Some networks that use Microsoft Windows NT PPTP Network Ser vers require additional authentication
information, called Windows NT Domain Name, when answering PPTP tunnel connection requests. Not all
Windows NT installations require this information, since not all such installations use this authentication
feature. The Windows NT Domain Name is not the same as the Internet domain name, but is the name of
a group of ser vers that share common security policy and user account databases. Your PPTP tunnel
par tner’s administrator will supply this Windows NT Domain Name if it is required. If you configure your
Router to initiate PPTP tunnel connections by toggling Initiate Connections to Yes, the Optional Windows
NT Domain Name field appears. Enter the domain name your network administrator has supplied.
information, called Windows NT Domain Name, when answering PPTP tunnel connection requests. Not all
Windows NT installations require this information, since not all such installations use this authentication
feature. The Windows NT Domain Name is not the same as the Internet domain name, but is the name of
a group of ser vers that share common security policy and user account databases. Your PPTP tunnel
par tner’s administrator will supply this Windows NT Domain Name if it is required. If you configure your
Router to initiate PPTP tunnel connections by toggling Initiate Connections to Yes, the Optional Windows
NT Domain Name field appears. Enter the domain name your network administrator has supplied.
•
You can specify the Idle Timeout, an inactivity timer, whose expiration will terminate the tunnel. A value of
zero disables the timer. Because tunnels are subject to abrupt termination when the underlying datalink is
torn down, use of the Idle Timeout is strongly encouraged.
zero disables the timer. Because tunnels are subject to abrupt termination when the underlying datalink is
torn down, use of the Idle Timeout is strongly encouraged.
•
Return to the Connection Profile screen by pressing Escape.
•
Select IP Profile Parameters and press Return.
The IP Profile Parameters screen appears.