L2TP Virtual Private Network (VPN) 902 Remote access L2TP VPN #include External IP address to which VPN clients will connect #include #include L2TP Network Server (LNS) Tunnel password used to authenticate the client (LAC) Sent to the client (LAC) in the Host-Name attribute #include Host-name must be alphanumeric and can contain hyphens Disable Compression Control Protocol (CCP) Internet Protocol Security (IPsec) for remote access L2TP VPN IPsec authentication settings Authentication mode for IPsec pre-shared-secret Use pre-shared secret for IPsec authentication x509 Use X.509 certificate for IPsec authentication (pre-shared-secret|x509) pre-shared-secret x509 #include #include IKE lifetime u32:30-86400 IKE lifetime in seconds 3600 ESP lifetime u32:30-86400 IKE lifetime in seconds 3600 #include #include #include Pool of client IP addresses (must be within a /24) #include #include #include #include #include PPP idle timeout u32:30-86400 PPP idle timeout in seconds Authentication for remote access L2TP VPN Authentication protocol for remote access peer L2TP VPN pap Require the peer to authenticate itself using PAP [Password Authentication Protocol]. chap Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. mschap Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. mschap-v2 Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2]. (pap|chap|mschap|mschap-v2) pap chap mschap mschap-v2 #include #include #include #include #include #include Mark server unavailable for N seconds on failure u32:0-600 Fail time penalty Fail time must be between 0 and 600 seconds Timeout to wait response from server (seconds) Timeout to wait reply for Interim-Update packets Maximum number of tries to send Access-Request/Accounting-Request queries #include #include IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA) IP address for Dynamic Authorization Extension server (DM/CoA) Port for Dynamic Authorization Extension server (DM/CoA) 1700 Secret for Dynamic Authorization Extension server (DM/CoA) #include Advanced protocol options #include #include #include