Cisco ASA 5505 User Manual

Page 1404

65-14

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 65 Configuring L2TP over IPsec

Configuring L2TP over IPsec

Step 8
Command: tunnel-group name type remote-access
Example:
hostname(config)# tunnel-group sales-tunnel type remote-access
Purpose: Creates a connection profile (tunnel group).

Step 9
Command: default-group-policy name
Example:
hostname(config)# tunnel-group DefaultRAGroup general-attributes
hostname(config-tunnel-general)# default-group-policy DfltGrpPolicy
Purpose: Links the name of a group policy to the connection profile (tunnel group).

Step 10
Command: authentication-server-group server_group [local]
Example:
hostname(config)# tunnel-group DefaultRAGroup general-attributes
hostname(config-tunnel-general)# authentication-server-group sales_server LOCAL
Purpose: Specifies a method to authenticate users attempting L2TP over IPsec connections, for the connection profile (tunnel group). If you are not using the ASA to perform local authentication, and you want to fall back to local authentication, add LOCAL to the end of the command.

Step 11
Command: authentication auth_type
Example:
hostname(config)# tunnel-group name ppp-attributes
hostname(config-ppp)# authentication ms-chap-v1
Purpose: Specifies the PPP authentication protocol for the tunnel group. See Table 65-1 for the types of PPP authentication and their characteristics.

Step 12
Command: tunnel-group tunnel group name ipsec-attributes
Example:
hostname(config)# tunnel-group DefaultRAGroup ipsec-attributes
hostname(config-tunnel-ipsec)# ikev1 pre-shared-key cisco123
Purpose: Sets the pre-shared key for your connection profile (tunnel group).

Step 13
Command: accounting-server-group aaa_server_group
Example:
hostname(config)# tunnel-group sales_tunnel general-attributes
hostname(config-tunnel-general)# accounting-server-group sales_aaa_server
Purpose: (Optional) Generates a AAA accounting start and stop record for an L2TP session for the connection profile (tunnel group).

Step 14
Command: l2tp tunnel hello seconds
Example:
hostname(config)# l2tp tunnel hello 100
Purpose: Configures the interval (in seconds) between hello messages. The range is 10 through 300 seconds. The default interval is 60 seconds.
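The following is an added example, not part of the Cisco guide: a Python check a reviewer could run over a command script built from Steps 8 through 14 before it is applied to the ASA. The set of PPP protocols treated as weak, the 20-character key minimum, the function name `audit` and the sample script are assumptions of this example; the hello range is the one stated in Step 14.

```python
import re

# Reviewer policy: assumptions of this example, not values from the guide.
WEAK_PPP = {"pap", "ms-chap-v1"}
MIN_PSK_LEN = 20
HELLO_MIN, HELLO_MAX = 10, 300  # range stated in Step 14

# Constructed command script reusing names from the steps above.
SAMPLE = """\
tunnel-group sales-tunnel type remote-access
tunnel-group sales-tunnel general-attributes
 default-group-policy DfltGrpPolicy
 authentication-server-group sales_server LOCAL
tunnel-group sales-tunnel ppp-attributes
 authentication ms-chap-v1
tunnel-group sales-tunnel ipsec-attributes
 ikev1 pre-shared-key cisco123
l2tp tunnel hello 5
"""

HEAD = re.compile(r"tunnel-group (\S+) (type|general-attributes|ppp-attributes|ipsec-attributes)\b")


def audit(config):
    """Return (profile, finding) pairs for an ASA L2TP/IPsec command script."""
    findings, profiles, accounted = [], [], set()
    profile = mode = None
    for raw in config.splitlines():
        words = raw.split()
        if not words:
            continue
        if not raw[0].isspace():  # top-level command: leaves any submode
            head = HEAD.match(raw)
            profile, mode = (head.group(1), head.group(2)) if head else (None, None)
            if profile and profile not in profiles:
                profiles.append(profile)
            if words[:3] == ["l2tp", "tunnel", "hello"] and words[-1].isdigit():
                if not HELLO_MIN <= int(words[-1]) <= HELLO_MAX:
                    findings.append(("global", f"hello interval {words[-1]} outside {HELLO_MIN}-{HELLO_MAX}"))
        elif mode == "ppp-attributes" and words[0] == "authentication" and words[-1] in WEAK_PPP:
            findings.append((profile, f"weak PPP authentication {words[-1]}"))
        elif mode == "ipsec-attributes" and words[:2] == ["ikev1", "pre-shared-key"]:
            key = words[2] if len(words) > 2 else ""
            if set(key) != {"*"} and len(key) < MIN_PSK_LEN:  # "*****" is a masked key
                findings.append((profile, f"pre-shared key shorter than {MIN_PSK_LEN} characters"))
        elif mode == "general-attributes" and words[0] == "accounting-server-group":
            accounted.add(profile)
    findings += [(p, "no accounting-server-group configured") for p in profiles if p not in accounted]
    return findings
```

Calling `audit(SAMPLE)` returns four findings for the constructed script; a key shown as asterisks in saved output is skipped because its length cannot be judged.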
