EasyManuals Logo

HPE FlexNetwork MSR Series Comware 5 Layer 2 - Wan Access Configuration Guide

HPE FlexNetwork MSR Series
420 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #273 background imageLoading...
Page #273 background image
262
For information about AAA configuration commands and remote AAA authentication method
configuration, see HPE FlexNetwork MSR Router Series Comware 5 Security Configuration Guide.
Configuring an LAC to establish an L2TP tunnel
To establish an L2TP tunnel in LAC-auto-initiated mode, you must create a virtual PPP user on the
LAC. LAC performs PPP authentication for the virtual PPP user, that is, LAC is both the side that
performs PPP authenticator and the side that is authenticated by PPP. An L2TP tunnel established in
LAC-auto-initiated mode exists until you remove the tunnel by using the undo l2tp-auto-client
enable command.
To configure an LAC to establish an L2TP tunnel, perform the following tasks:
• Create a VT interface and configure an IP address for the interface.
• In virtual template interface view, configure the side that performs PPP authentication: use the
ppp authentication-mode command to specify the authentication method the LAC uses to
authenticate the virtual PPP user.
• In VT interface view, configure the side authenticated by PPP: use the ppp pap command or
the ppp chap command to specify the PPP authentication method supported by the virtual PPP
user, and the username and password of the virtual PPP user. The authentication method to be
used by the LAC and that supported by the virtual PPP user must be consistent.
• Configure AAA authentication for VPN users on the LAC. The configured username and
password for AAA authentication must be the same as those of the virtual PPP user configured
on the VT interface.
• Trigger the LAC to establish an L2TP tunnel.
To trigger an LAC to establish an L2TP tunnel:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Create a VT interface and
enter its view.
interface virtual-template
virtual-template-number
By default, no VT interface exists.
3. Assign an IP address to the VT
interface or enable IP address
negotiation so that the VT
interface accepts the IP
address negotiated with the
peer.
• ip address address mask
• ip address ppp-negotiate
Use either command.
By default, no IP address is
assigned by default.
4. Configure the authentication
method for the LAC to use to
authenticate the virtual PPP
user.
ppp authentication-mode
{
chap
|
pap
} * [
domain
isp-name ]
By default, no authentication is
performed for PPP users.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Security Configuration Guide
Comware 5 Security Configuration Guide547 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals