 |
Note: For information about how to configure L2TP service, see the JUNOS Services Interfaces Configuration Guide and the JUNOS Network Interfaces Configuration Guide. |
For M7i and M10i routers, you can configure Layer 2 Tunneling Protocol (L2TP) tunneling security services on an Adaptive Services Physical Interface Card (PIC) or a MultiServices PIC. The L2TP protocol allows PPP to be tunneled within a network.
|
Note: For information about how to configure L2TP service, see the JUNOS Services Interfaces Configuration Guide and the JUNOS Network Interfaces Configuration Guide. |
To configure L2TP, include the following statements at the [edit access] hierarchy level:
- [edit access]
-
address-pool pool-name {
-
address address-or-prefix;
-
address-range low <lower-limit> high <upper-limit>;
- }
-
group-profile profile-name {
-
-
l2tp {
-
interface-id interface-id;
-
lcp-renegotiation;
-
local-chap;
-
maximum-sessions-per-tunnel number;
-
-
ppp {
-
cell-overhead;
-
encapsulation-overhead bytes;
-
framed-pool pool-id;
-
idle-timeout seconds;
-
interface-id interface-id;
-
keepalive seconds;
-
primary-dns primary-dns;
-
primary-wins primary-wins;
-
secondary-dns secondary-dns;
-
secondary-wins secondary-wins;
- }
- }
-
-
profile profile-name {
-
authentication-order [ authentication-methods ];
- accounting-order radius;
-
-
client client-name {
-
chap-secret chap-secret;
-
group-profile profile-name;
-
-
l2tp {
-
interface-id interface-id;
-
lcp-renegotiation;
-
local-chap;
-
maximum-sessions-per-tunnel number;
-
ppp-authentication (chap | pap);
-
shared-secret shared-secret;
- }
-
pap-password pap-password;
-
-
ppp {
-
cell-overhead;
-
encapsulation-overhead bytes;
-
framed-ip-address ip-address;
-
framed-pool framed-pool;
-
idle-timeout seconds;
-
interface-id interface-id;
-
keepalive seconds;
-
primary-dns primary-dns;
-
primary-wins primary-wins;
-
secondary-dns secondary-dns;
-
secondary-wins secondary-wins;
- }
-
user-group-profile profile-name;
- }
- }
-
-
radius-disconnect-port port-number {
-
-
radius-disconnect {
-
-
client-address {
-
secret password;
- }
- }
- }
-
-
radius-server server-address {
-
accounting-port port-number;
-
port port-number;
-
retry attempts;
-
secret password;
-
source-address source-address;
-
timeout seconds;
- }
- }
This section includes the following topics:
 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |