Table of Contents
Advertisement
Configuring Peer Resynchronization for L2TP Host Profiles and AAA Domain Map Tunnels
Copyright © 2010, Juniper Networks, Inc.
You can use the CLI or RADIUS to configure the resynchronization method for your router.
1. Configuring Peer Resynchronization for L2TP Host Profiles and AAA Domain Map
Tunnels on page 383
2. Configuring the Global L2TP Peer Resynchronization Method on page 384
3. Using RADIUS to Configure Peer Resynchronization on page 385
The JunosE CLI enables you to configure the peer resynchronization method globally, for
a host profile, or for a domain map tunnel. A host profile or domain map tunnel
configuration takes precedence over the global peer resynchronization configuration.
When you change the peer resynchronization method, the change is not immediately
applied to existing tunnels. Tunnels continue using their current resynchronization method
until the next time the tunnel is reestablished.
Use the failover-resync command to configure the L2TP peer resynchronization method
for L2TP host profiles and AAA domain map tunnels. This command takes precedence
over the global peer resynchronization configuration.
Choose one of the following keywords to specify the peer resynchronization method:
failover-protocol—The tunnel uses the L2TP failover protocol method. If the peer
non-failed endpoint does not support the L2TP failover protocol, a failover forces
disconnection of the tunnel and all of its sessions.
failover-protocol-fallback-to-silent-failover—The tunnel uses the L2TP failover
protocol method; however, if the peer non-failed endpoint does not support the L2TP
failover protocol method, the tunnel falls back to using the silent failover method.
silent-failover—The tunnel uses the silent failover method. The tunnel also informs
its peer that it supports the failover protocol method for the peer's failovers.
disable—The tunnel does not use any peer resynchronization method for its own
failovers, The tunnel informs its peer that it supports the failover protocol method for
the peer's failovers. A failover forces the disconnection of the tunnel and all of its
sessions.
not-configured—Peer resynchronization is not configured for L2TP host profiles and
AAA domain map tunnels. L2TP uses the global failover method.
By default, peer resynchronization is not configured at the L2TP profile-level or the domain
map-level—therefore, the global configuration is used. This is different than using the
disable keyword, which specifies that no peer synchronization method is used.
Use the show l2tp destination profile command to display a host profile's peer
resynchronization configuration and the show aaa domain-map command to display a
domain map's configuration.
To configure peer resynchronization for an L2TP host profile:
host1(config)#l2tp destination profile lac-dest ip address 192.168.20.2
host1(config-l2tp-dest-profile)#remote host lac-host
Chapter 13: Configuring an L2TP LNS
383
Advertisement
Table of Contents
Troubleshooting
