Manualshelf

Manual

ManualsBrandsCisco ManualsSoftwareCisco IOS Software Release 12.0(29)S
71727374757677787980
Layer 2 Tunnel Protocol Version 3
authentication
77
Cisco IOS Releases 12.0(29)S and 12.2(25)S
authentication
To enable Layer 2 Tunnel Protocol Version 3 (L2TPv3) Challenge Handshake Authentication Protocol
(CHAP) style authentication, use the authentication command in L2TP class configuration mode. To
disable L2TPv3 CHAP-style authentication, use the no form of this command.
authentication
no authentication
Syntax Description This command has no arguments or keywords.
Defaults L2TPv3 CHAP-style authentication is disabled.
Command Modes L2TP class configuration
Command History
Usage Guidelines Two methods of control channel authentication are available in Cisco IOS Release 12.0(29)S. The
L2TPv3 Control Channel Hashing feature (enabled with the digest command) introduces a more robust
authentication method than the older CHAP-style method of authentication enabled with the
authentication command. You may choose to enable both methods of authentication to ensure
interoperability with peers that support only one of these methods of authentication, but this
configuration will yield control of which authentication method is used to the peer PE router. Enabling
both methods of authentication should be considered an interim solution to solve
backward-compatibility issues during software upgrades.
Table 5 shows a compatibility matrix for the different L2TPv3 authentication methods. PE1 is running
Cisco IOS 12.0(29)S, and the different possible authentication configurations for PE1 are shown in the
first column. Each remaining column represents PE2 running software with different available
authentication options, and the intersections indicate the different compatible configuration options for
PE2. If any PE1/PE2 authentication configuration poses ambiguity on which method of authentication
will be used, the winning authentication method is indicated in bold. If both the old and new
authentication methods are enabled on PE1 and PE2, both types of authentication will occur.
Release Modification
12.0(23)S This command was introduced.
12.2(25)S This command was integrated into Cisco IOS Release 12.2(25)S.