608CHAPTER 43: CONFIGURING L2TP

Table 668 Configure AAA and Local Users

Operation

Command

 

 

Enable AAA.

aaa-enable

 

 

Configure the authentication method

aaa authentication-scheme ppp {

table of PPP user

default list-name } { method1} [

 

method2 ... ]

 

 

Specify accounting scheme configure

aaa accounting-scheme optional

information

 

 

 

Configure to authenticate users.

ppp authentication-mode { pap chap

 

}

 

 

Set user name and password.

local-user username password { simple

 

cipher } password

 

 

Remove the user name and password

undo local-user username

 

 

By default, the local user name and password are not configured.

As the AAA attributes of L2TP are not standard attributes of RADIUS protocol, it is necessary to add the definition of L2TP attributes to the attribute set of RADIUS server.

Table 669 L2TP Attribute Table

Attribute value

Name

Description

 

 

 

100

Tunnel-Type

Tunnel type (L2TP=1)

 

 

 

101

L2TP-Tunnel-Password

L2TP tunnel password

 

 

 

102

Local-Name

Local name of tunnel

 

 

 

103

LNS-IP-Address

IP address of LNS

 

 

 

104

Tunnel-Medium-Type

Medium type of the tunnel (IP=1)

 

 

 

105

L2TP group Number

L2TP group number

 

 

 

Basic Configuration at

LNS

Enable L2TP

Basic configuration at LNS side includes:

Enable L2TP

Create a L2TP group

Create a virtual template

Configure the name of the receiving end of the tunnel

Configure the local VPN user

The L2TP on a router can work normally only after it is enabled. If it is disabled, the router will not provide the related function even if the L2TP parameters are configured.

Perform the following configurations in system view.

Table 670

Enable/Disable L2TP

 

 

 

Operation

 

Command

 

 

 

Enable L2TP

 

l2tp enable

 

 

 

Disable L2TP

 

undo l2tp enable

 

 

 

By default, L2TP is disabled.

Page 612
Image 612
3Com 10014299 By default, L2TP is disabled, Configure AAA and Local Users, L2TP Attribute Table, Default list-name method1