Specifications
OmniAccess Reference: AOS-W System Reference
502 Part 031652-00 May 2005
Use the show crypto ipsec sa command on the switch to make sure the user
is doing IPSec encryption correctly.
If the initiator IP matches the client IP, then IPSec encryption is good.
Use the show vpdn l2tp pool command on the switch to check the availability
of VPN IP addresses.
Dialer connects and authenticates, but doesn’t logon.
This is indicates that either the username/password combination is wrong or
the RASIUS server is unreachable.
RSA SecurID users having this problem may nave been locked out, check the
RSA SecurID server. For more information, see
http://rsasecurity.agora.com/rsasecured/detail.asp?product_id=1404
Dialer connects but no traffic moves from applications.
This indicates that the L2TP/PPTP IP pool is not routable.
Generating a Self-Distributable Alcatel Dialer
To generate a self distributable Alcatel dialer, you need to:
1. Download and save the set (using winzip for example). Be sure to
maintain the directory structure.
2. In the same directory where dialer.Msi has been uncompressed, create a
file named config.htm with the following contents:
"DIALER_NAME"="Company Name"
"PPTP"=DWORD:0
(Alcatel)(config) #show crypto ipsec sa
Responder IP 10.1.1.158
Initiator IP 10.1.1.122
Initiator cookie ce91845e68f75026 Responder cookie 9635499cf2dad66e
Life secs 7200
transform: esp-3des esp-sha-hmac
(Alcatel) #show vpdn l2tp local pool
IP addresses used in pool vpn-pool-1
10.5.10.8
1 IPs used - 198 IPs free
2
3