No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

PC Fails to Dial into LNS Because of Failure in Authentication of Tunnel

Publication Date:  2012-07-27 Views:  9 Downloads:  0
Issue Description
Topology: PC is of WIN-XP; R2631E is at VRP1.74-0105, serving as LNS of L2TP. PC gets an IP address of public network first, and then sets up an VPN tunnel of L2TP with R2631E  directly. 
Symptom: PC cannot dial into LNS. 
Alarm Information
L2TP::Chap response doesn''t pass authentication!  
Handling Process
Modify the configurations of the router as follows: omit the authentication for tunnel, and PC could dial into R2631E.
  l2tp-group 1                                                                  
  ! Default L2TP group                                                          
    allow l2tp virtual-template 1                                               
    mandatory-lcp                                                               
    tunnel name LNS                                                             
    undo tunnel authentication  
///Disable authentication for L2TP tunnel                                               
    tunnel password simple 123456
Root Cause
When the router serves as LNS, it performs CHAP authentication for tunnel of L2TP by default. Also, PC does not authenticate the tunnel by default in dialing, but only PPP authentication for session. From the debugging information, we could know that CHAP authentication fails during establishing L2TP tunnel, resulting in the failure of PC to dial into LNS. 
Suggestions
No

END