EasyManua.ls Logo

HPE FlexNetwork MSR Series

HPE FlexNetwork MSR Series
420 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
261
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter L2TP group view.
l2tp-group
group-number N/A
3. Specify that AVP data be
transferred in hidden mode.
tunnel avp-hidden
Optional.
By default, AVP data is
transferred in plain text.
This command takes effect when
tunnel authentication is enabled.
Configuring AAA authentication for VPN users on LAC side
You can configure an LAC to perform AAA authentication for VPN users and initiate a tunneling
request only for qualified users. No tunnel will be established for unqualified users.
The device supports both local AAA authentication and remote AAA authentication:
For local AAA authentication, create a local user and configure a password for each remote
user on the LAC. The LAC authenticates a remote user by matching the provided username
and password against those configured locally.
For remote AAA authentication, configure the username and password of each user on the
RADIUS/HWTACACS server. The LAC sends the remote user's username and password to the
server to authenticate.
Configuration restrictions and guidelines
When you configure AAA authentication for VPN users on LAC side, follow these guidelines:
For successful user authentication, configure PPP on the LAC's corresponding interface, for
example, the asynchronous serial interface that connects with users. For PPP configuration
information, see "Configuring PPP and MP."
Configure the authentication type of PPP users as PAP, CHAP, or MS-CHAP on the user access
interfaces.
Configuration procedure
To configure local authentication, authorization, and accounting:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Create a local user and enter
its view.
local-user
username
By default, no local user or
password is configured on an
LAC.
3. Configure a password for the
local user.
password
{
cipher
|
simple
}
password
4. Authorize the user to use the
PPP service.
service-type ppp
N/A
5. Return to system view.
quit
N/A
6. Create an ISP domain and
enter its view.
domain
isp-name N/A
7. Configure the domain to use
local
authentication/authorization/
accounting for its PPP users.
authentication ppp local
authorization ppp local
accounting ppp local
Optional.
Local
authentication/authorization/acco
unting is used by default.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Security Configuration Guide
Comware 5 Security Configuration Guide547 pages

Related product manuals