Configuring L2TP tunnel authentication
Tunnel authentication allows the LAC and LNS to authenticate each other. Either the LAC or the LNS can initiate a tunnel authentication request.
You can enable tunnel authentication on both sides or either side.
To ensure a successful tunnel establishment when tunnel authentication is enabled on both sides or either side, set the same non-null key on the LAC and the LNS. To set the tunnel authentication key, use the tunnel password command.
When neither side is enabled with tunnel authentication, the key settings of the LAC and the LNS do not affect the tunnel establishment.
To ensure tunnel security, enable tunnel authentication.
For the tunnel authentication key change to take effect, change the tunnel authentication key before tunnel negotiation is performed.
To configure L2TP tunnel authentication:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Enter L2TP group view. | l2tp-group group-number [ mode { lac | lns } ] | N/A |
3. Enable L2TP tunnel authentication. | tunnel authentication | By default, L2TP tunnel authentication is enabled. |
4. Set the tunnel authentication key. | tunnel password { cipher | simple } string | By default, no key is set. |