1762 CHAPTER 104: L2TP CONFIGURATION COMMANDS
By default, no L2TP group exists.
When you use the undo l2tp-group command to remove an L2TP group, all
configuration information associated with the group will be deleted.
Related command: allow l2tp and start l2tp.
Example # Create an L2TP group numbered 2 and enter its view.
<Sysname> system-view
[Sysname] l2tp-group 2
[Sysname-l2tp2]
mandatory-chap
Syntax mandatory-chap
undo mandatory-chap
View L2TP group view
Parameter None
Description Use the
mandatory-chap command to force the LNS to perform a CHAP
authentication of the user.
Use the
undo mandatory-chap command to disable CHAP authentication on
the LNS.
By default, an LNS does not perform CHAP authentication of users.
An LNS authenticates the client in addition to the proxy authentication that occurs
at the LAC for higher security. If the mandatory-chap command is used, two
authentications are performed for the clients connected to the VPN through an
initialized tunnel of the NAS: one on the NAS side and the other on the LNS side.
Some PPP clients may not support the second authentication. In this case, the local
CHAP authentication will fail.
Related command: mandatory-lcp.
Example # Perform CHAP authentication by force.
<Sysname> system-view
[Sysname] l2tp-group 1
[Sysname-l2tp1] mandatory-chap
mandatory-lcp
Syntax mandatory-lcp
