Table of Contents
Advertisement
Sends the packet to the next hop LTS.
To avoid loop detection errors, make sure the TSA ID of each LTS is unique.
To set the TSA ID of the LTS:
Step
1.
Enter system view.
2.
Set the TSA ID of the LTS
and enable L2TP loop
detection on the LTS.
Enabling L2TP-based EAD
Restrictions and guidelines
EAD authentication fails if no or incorrect ACLs or rules are configured on the CAMS/IMC server
even if EAD is enabled on the LNS.
The LNS can use different ACLs to filter packets from different iNode clients.
As a best practice, use EAD authentication for iNode clients on the Internet and use portal
authentication for iNode clients on a LAN.
Prerequisites
Make sure AAA, RADIUS, L2TP, firewalls, and PPP are configured as required before you enable
L2TP-based EAD.
For more information about portal, see
For more information about AAA and RADIUS, see
For more information about configuring the security policy server, see CAMS EAD Security Policy
Manager Help and CAMS EAD Security Policy Manager Help.
Procedure
To enable L2TP-based EAD:
Step
1.
Enter system view.
2.
Create a VT interface and
enter its view
3.
Enable L2TP-based EAD.
Configuring IMSI/SN binding authentication on the
LNS
Configure this feature on the LNS to initiate IMSI/SN binding authentication in either of the following
conditions:
•
A 3G or 4G router acts as a LAC client and accesses the LNS in client-initiated mode.
•
A 4G router acts as an LAC and is automatically triggered to access the LNS in
LAC-auto-initiated mode.
Command
system-view
l2tp tsa-id tsa-id
"Configuring portal
"Configuring
Command
system-view
interface virtual-template
interface-number
ppp access-control enable
266
Remarks
N/A
By default, the TSA ID of the LTS
is not configured, and L2TP loop
detection is disabled on the LTS.
authentication."
AAA."
Remarks
N/A
N/A
By default, L2TP-based EAD is
disabled.
Advertisement
Table of Contents
Troubleshooting
