Setting the hello interval, Enabling tunnel flow control, Disconnecting tunnels by force – H3C Technologies H3C SecPath F1000-E User Manual

Page 274

262

To configure L2TP tunnel authentication:

Step Command

Remarks

Enter system view.

system-view

N/A

Enter L2TP group view.

l2tp-group group-number N/A

Enable L2TP tunnel

authentication.

tunnel authentication

Optional.
Enabled by default.

Configure the tunnel

authentication password.

tunnel password { simple | cipher }
password

The password is null by default.

NOTE:
•

To ensure tunnel security, enable tunnel authentication.

•

To change the tunnel authentication password, do so after tearing down the tunnel. Otherwise, your
change does not take effect.

Setting the hello interval

To check the connectivity of a tunnel, the LAC and LNS regularly send each other hello packets. On
receipt of a hello packet, the LAC or LNS returns a response packet. If the LAC or LNS receives no hello

response packet from the peer within a specific period of time, it retransmits the hello packet. If it receives

no response packet from the peer after transmitting the hello packet three times, it considers the L2TP

tunnel is down and tries to re-establish a tunnel with the peer.
To set the hello interval:

Step Command

Remarks

Enter system view.

system-view

N/A

Enter L2TP group view.

l2tp-group group-number N/A

Set the hello interval.

tunnel timer hello hello-interval

Optional.
60 seconds by default.

Enabling tunnel flow control

The L2TP tunnel flow control function controls data packet transmission by buffering and adjusting data

packets that arrive out of order.
To enable tunnel flow control:

Step Command

Remarks

Enter system view.

system-view

N/A

Enter L2TP group view.

l2tp-group group-number N/A

Enable the tunnel flow

control function.

tunnel flow-control

Optional.
Disabled by default.

Disconnecting tunnels by force

Either the LAC or the LNS can initiate a tunnel disconnection request. You can also disconnect a tunnel

when no users are online or a network failure occurs. Once a tunnel is disconnected, the control

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS