Huawei v200r001 IV. LNS forces LCP to renegotiate, V. Set domain name delimiter and search sequence

User Manual - Configuration Guide (Volume 3)

Versatile Routing Platform Chapter 2

Configuration of L2TP

2-11

LNS side. Only after passing the two authentications can the channel be establis hed.

Only when configured at LNS side will it be valid to force local end to perform CHAP

authentication.

If CHAP authentication is forced to perform at LNS side, user nam e, password and user

authentication need to be set in advance at LNS side and AAA must be started, before

local end can be forced to perform CHAP authentication.

Perform the following task in the configuration mode of VPDN group.

Table VPN-2-12 Force local end to perform CHAP authentication

Operation Command

Force local end to perform CHAP authentication. force-local-chap

Cancel the operation that local end performs CHAP authentication. no force-local-chap

Local end does not perform CHAP authentication by default.

IV. LNS forces LCP to renegotiate

For NAS-Initialized VPN service request, at the beginning of PPP sessi on, the users

first perform PPP negotiation with NAS. If negotiation succ eeds, NAS initiated channel

will be connected and the user information will be transmitted to LNS that decides the

legality based on the received agent authentication information.

But in some specific cases (e.g. when it is necessary to authenticate and charge at

LNS), the command “lcp renegotiation” can be used to force LNS to perform LCP

negotiation with users again, neglecting agent authentication inform ation at N AS side.

Only when configured at LNS side, can it be valid to force LCP to renego tiate.

Perform the following task in the configuration mode of VPDN group.

Table VPN-2-13 Force LCP to renegotiate

Operation Command

Force LCP to renegotiate. lcp renegotiation

Disable LCP to renegotiate. no lcp renegotiation

LCP does not renegotiate by default.

V. Set domain name delimiter and search sequence

In the case of a lot of L2TP access users, it will waste time to search users in sequence.

Here, set the necessary search tactics (e.g. prefix and suff ix delimiters) to speed up the

search.

The delimiter includes prefix delimiter and suffix delimiter. The delimiter includes f our

special characters: @, # , & and /. The example of the user with prefix delimiter is

“huawei.com# vpdnuser” and the example of the user with suffix delimiter is

“vpdnuser@huawei.com”. In the search, separate user name from prefix/suffix

delimiter. The search based on defined rules will greatly speed up search sequence.

After setting prefix/suffix delimiter, four search orders are optional:

z “dnisdomain” (First search according to called number, then according to domain

name)