Cisco ASA 5505 User Manual


Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 65 Configuring L2TP over IPsec

Configuring L2TP over IPsec

Step 7

Command: default-group-policy name

Example:

hostname(config)# tunnel-group DefaultRAGroup general-attributes
hostname(config-tunnel-general)# default-group-policy DfltGrpPolicy

Purpose: Links the name of a group policy to the connection profile (tunnel group).

Step 8

Command: ip local pool pool_name starting_address-ending_address mask subnet_mask

Example:

hostname(config)# ip local pool sales_addresses 10.4.5.10-10.4.5.20 mask 255.255.255.0

Purpose: (Optional) Creates an IP address pool.

Step 9

Command: address-pool pool_name

Example:

hostname(config)# tunnel-group DefaultRAGroup general-attributes
hostname(config-tunnel-general)# address-pool sales_addresses

Purpose: (Optional) Associates the pool of IP addresses with the connection profile (tunnel group).

Step 10

Command: authentication-server-group server_group

Example:

hostname(config)# tunnel-group DefaultRAGroup general-attributes
hostname(config-tunnel-general)# authentication-server-group sales_server LOCAL

Purpose: Specifies a method to authenticate users attempting L2TP over IPsec connections, for the connection profile (tunnel group). If you are not using the ASA to perform local authentication, and you want to fall back to local authentication, add LOCAL to the end of the command.

Step 11

Command: authentication auth_type

Example:

hostname(config)# tunnel-group name ppp-attributes
hostname(config-ppp)# authentication ms-chap-v1

Purpose: Specifies the PPP authentication protocol for the tunnel group. See Table 65-1 for the types of PPP authentication and their characteristics.

Step 12

Command: tunnel-group tunnel group name ipsec-attributes

Example:

hostname(config)# tunnel-group DefaultRAGroup ipsec-attributes
hostname(config-tunnel-ipsec)# pre-shared-key cisco123

Purpose: Sets the pre-shared key for your connection profile (tunnel group).

Step 13

Command: accounting-server-group aaa_server_group

Example:

hostname(config)# tunnel-group sales_tunnel general-attributes
hostname(config-tunnel-general)# accounting-server-group sales_aaa_server

Purpose: (Optional) Generates a AAA accounting start and stop record for an L2TP session for the connection profile (tunnel group).
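
The tunnel-group settings from Steps 8, 9, 11 and 12 can be reviewed in a saved configuration before it is applied. The Python script below is an added example, not part of the Cisco guide: it parses a constructed configuration fragment and reports tunnel groups that use a weak PPP authentication type, still carry the guide's sample pre-shared key, or reference an address pool that is never defined. The function names, the finding labels, the WEAK_PPP set (PAP, CHAP and MS-CHAPv1) and the pool name hr_addresses are assumptions of this example.

```python
import re

# Assumption of this example, not a list from the guide: PPP methods to flag.
WEAK_PPP = {"pap", "chap", "ms-chap-v1"}
SAMPLE_KEYS = {"cisco123"}  # the documentation key shown in Step 12

# Constructed configuration fragment; hr_addresses is deliberately undefined.
SAMPLE = """\
ip local pool sales_addresses 10.4.5.10-10.4.5.20 mask 255.255.255.0
tunnel-group DefaultRAGroup general-attributes
 address-pool sales_addresses
tunnel-group DefaultRAGroup ipsec-attributes
 pre-shared-key cisco123
tunnel-group DefaultRAGroup ppp-attributes
 authentication ms-chap-v1
tunnel-group sales_tunnel general-attributes
 address-pool hr_addresses
tunnel-group sales_tunnel ppp-attributes
 no authentication chap
 authentication ms-chap-v2
"""

def parse(config):
    """Return (pools, groups); groups[name][section] lists the split sub-commands."""
    pools, groups, block = set(), {}, None
    for line in config.splitlines():
        if line[:1].isspace():  # indented line: sub-command of the open block
            if block is not None and line.split():
                block.append(line.split())
            continue
        block = None  # any top-level command closes the block
        if m := re.match(r"ip local pool (\S+) ", line):
            pools.add(m.group(1))
        elif m := re.match(r"tunnel-group (\S+) (general|ipsec|ppp)-attributes\s*$", line):
            block = groups.setdefault(m.group(1), {}).setdefault(m.group(2), [])
    return pools, groups

def audit(config):
    """Return sorted (tunnel_group, finding, detail) tuples; key values are not echoed."""
    pools, groups = parse(config)
    out = []
    for name, sec in groups.items():
        out += [(name, "weak-ppp-auth", c[-1]) for c in sec.get("ppp", [])
                if c[0] == "authentication" and c[-1] in WEAK_PPP]
        out += [(name, "sample-pre-shared-key", "redacted") for c in sec.get("ipsec", [])
                if c[0] == "pre-shared-key" and c[-1] in SAMPLE_KEYS]
        out += [(name, "undefined-pool", p) for c in sec.get("general", [])
                if c[0] == "address-pool" for p in c[1:] if p not in pools]
    return sorted(out)
```

Calling audit(SAMPLE) returns three findings: the sample key and ms-chap-v1 on DefaultRAGroup, and the undefined pool on sales_tunnel. Lines beginning with "no" are ignored, so a disabled method is not reported.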
