H3C SecPath F1800-A Operation Manual page 503

Operation Manual - VPN
H3C SecPath F1800-A Firewall
Configure authentication scheme.
Configure authentication mode.
When the user name is neither suffixed nor bound with any VT in the default domain,
this user can belong to any created VPN. For example, if the user is authenticated on
VT1, it belongs to such VPN bound with VT1.
When the user name is not suffixed, but bound with VT1 in the default domain, this
user can log in to such a VPN bound with VT1 even if it has used other VTs for
negotiation. Namely, this user only belongs to such a VPN bound with VT1.
Caution:
It is recommended to use the user name with suffix or bind a VT in the default domain;
otherwise, the user name without suffix can pass in and out each VPN at random,
which tends to cause potential safety hazard.
Do as follows in virtual template interface view.
Table 2-14 Configuring user authentication type
Configure user authentication type.
Remove user authentication type.
XIV. Setting the VT Interface Number for a Domain (optional)
Do as follows in domain view.
Table 2-15 Setting the VT interface number for a domain
Set a VT interface number for the domain.
Delete the VT interface number for the
domain.
Action
Action
Action
7-23
Chapter 2 L2TP Configuration
Command
authentication-scheme scheme-name
authentication-mode { [ hwtacacs |
radius | local ]* [ none ] }
Command
ppp authentication-mode { chap [ pap ] |
pap } [ call-in ]
undo ppp authentication-mode
Command
binding
[ Virtual-template-interface-number ]
undo binding virtual-template
virtual-template