User`s guide
348 XSR User’s Guide
Configuration Examples Chapter 13
Configuring Security on the XSR
XSR(aaa-group)#pptp compression
XSR(aaa-group)#pptp encrypt mppe 128
XSR(aaa-group)#l2tp compression
XSR(aaa-group)#policy vpn
Configure DEFAULT group parameters including DNS and WINs servers, an
IP pool, PPTP and L2TP values, and client VPN permission:
XSR(config)#aaa group DEFAULT
XSR(aaa-group)#dns server primary 0.0.0.0
XSR(aaa-group)#dns server secondary 0.0.0.0
XSR(aaa-group)#wins server primary 0.0.0.0
XSR(aaa-group)#wins server secondary 0.0.0.0
XSR(aaa-group)#ip pool test
XSR(aaa-group)#pptp compression
XSR(aaa-group)#pptp encrypt mppe 128
XSR(aaa-group)#l2tp compression
XSR(aaa-group)#policy vpn
Define a group for remote access XP users including DNS and WINs servers,
an IP pool, PPTP and L2TP values, and client VPN permission:
XSR(config)#aaa group XPusers
XSR(aaa-group)#dns server primary 10.120.112.220
XSR(aaa-group)#dns server secondary 0.0.0.0
XSR(aaa-group)#wins server primary 10.120.112.220
XSR(aaa-group)#wins server secondary 0.0.0.0
XSR(aaa-group)#ip pool test
XSR(aaa-group)#pptp compression
XSR(aaa-group)#pptp encrypt mppe 128
XSR(aaa-group)#l2tp compression
XSR(aaa-group)#policy vpn
Configure the local AAA method for shared secret tunnels (NEM and client
mode tunnels):
XSR(config)#aaa method local
XSR(aaa-method-radius)#group DEFAULT
XSR(aaa-method-radius)#qtimeout 0
Configure the RADIUS AAA method to authenticate remote access users:
XSR(config)#aaa method radius msradius default
XSR(aaa-method-radius)#backup test