Issue Description
The dial-up users attached to the AR1821 failed in dial-up. The dial-up client prompted the user name or password error.
Handling Process
1. View the configuration:
#
l2tp enable
#
domain lwwsj
ip pool 1 192.168.200.2 192.168.200.254
#
local-user test@lwwsj
password simple test
service-type ppp
#
interface Virtual-Template0
ppp authentication-mode pap domain lwwsj
ip address 192.168.200.1 255.255.255.0
remote address pool 1
#
interface Ethernet3/0
ip address x.x.x.x 255.255.255.252
#
l2tp-group 1
undo tunnel authentication
mandatory-lcp
allow l2tp virtual-template 0
#
ip route-static 0.0.0.0 0.0.0.0 x.x.x.x preference 60
2. In VRP3.40, the L2TP user must set the user name and password on the router for local authentication. The user name does not need to include the corresponding domain name. For example, in the preceding configuration, test@lwwsj is a user name wrongly set. The correct name should be "test". It is unnecessary to add the at symbol ("@") and domain name.
3. Change the user name to "test". The problem is thus solved.
Root Cause
1. Wrong configuration
2. Problem of PC configuration
Suggestions
VRP3.4 is different from VRP1.74 in the local authentication of L2TP users on the mid-range and low-end routers. In the former, the user name does not need to include the at symbol ("@") and domain name. In the latter, the at symbol ("@") and domain name must be included in the user name.