Concept Guide
(host)(config) #vpdn group l2tp
enable
client dns 101.1.1.245
(host)(config) #ip local pool sc-clients 10.1.1.1 10.1.1.250
(host)(config) #crypto-local isakmp server-certificate MyServerCert
(host)(config) #crypto-local isakmp ca-certificate TrustedCA
(host)(config) #crypto isakmp policy 1
authentication rsa-sig
The following command configures client entries in the internal database in enable mode:
(host)(config) #local-userdb add username <name> password <password>
The following example configures a VPN for XAuth IKEv1 clients in config mode using a username and
password:
(host)(config) #aaa authentication vpn default
server-group internal
crypto-local isakmp xauth
(host)(config) #vpdn group l2tp
enable
client dns 101.1.1.245
(host)(config) #ip local pool pw-clients 10.1.1.1 10.1.1.250
(host)(config) #crypto isakmp key 0987654 address 0.0.0.0 netmask 0.0.00
(host)(config) #crypto isakmp policy 1
authentication pre-share
Enter the following command in enable mode to configure client entries in the internal database:
(host)(config) #local-userdb add username <name> password <password>
Command History
Version Description
ArubaOS 3.0
Command introduced.
ArubaOS 5.0
The default-cap and default-rap profiles were introduced.
ArubaOS 6.1
The cert-cn-lookup parameter was introduced.
ArubaOS 6.3 The user-idle-timeout parameter was introduced.
ArubaOS 6.3.1 The export-route parameter was introduced.
Dell Networking W-Series ArubaOS 6.5.x | Reference Guide aaa authentication vpn | 72