H3C SecPath Series Скачать руководство пользователя страница 7

Страница: 7 / 42

Command Manual – User Access
H3C SecPath Series Security Products

Chapter 1 PPP Configuration Commands

1-5

Description

Use the

ppp authentication-mode

command to set the mode that the local PPP uses

to authenticate the peer.

Use the

undo ppp authentication-mode

command to disable authentication.

If you execute the

ppp authentication-mode

{

pap

chap

} command without

specifying a domain, the system-default domain or system applies by default, adopting

local authentication and using the address pool in the system domain for address

allocation. You may view the configuration of this default domain with the

display

domain

command.

If a domain is specified, you must configure an address pool in the specified domain.

If a received username includes a domain name, this domain name is used for

authentication (if the name does not exist, authentication is denied). Otherwise, the

domain name configured for PPP authentication applies.

By default, no authentication is performed.

There are two PPP authentication modes:

PAP, a two-way handshake authentication, which sends the password in plain

text.

CHAP, a three-way handshake authentication, which sends the password in

encrypted text.

In addition, the defined AAA authentication mode list can be used.

Either CHAP or PAP is just an authentication process. The success of the

authentication is decided by AAA, which can authenticate on the basis of the local

authentication database or AAA server.

Related command:

local-user

ppp chap user

ppp pap local-user

ppp pap

password

ppp chap password

Example

# Set the authentication mode on the interface Virtual-Template1 to PAP to authenticate

the peer.

[H3C-Virtual-Template1] ppp authentication-mode pap

1.1.6 ppp chap password

Syntax

ppp chap password

{

simple

cipher

}

password

undo ppp chap password

View

Interface view

Содержание SecPath Series

Страница 1: ...ld 1 12 1 2 PPP Link Efficiency Mechanism Commands 1 13 1 2 1 debugging ppp compression iphc rtp 1 13 1 2 2 debugging ppp compression iphc tcp 1 14 1 2 3 display ppp compression iphc rtp 1 15 1 2 4 di...

Страница 2: ...bundle 3 2 3 1 4 dialer group 3 3 3 1 5 dialer rule 3 4 3 1 6 dialer user 3 5 3 1 7 display pppoe client session 3 5 3 1 8 interface dialer 3 7 3 1 9 pppoe client 3 8 3 1 10 reset pppoe client 3 9 Cha...

Страница 3: ...iew Parameter cbcp packet Enable CBCP packet debugging scp packet Enable SCP packet debugging ccp Enable CCP debugging all Enable all debugging switches event Enable event information debugging error...

Страница 4: ...der compression debugging compression iphc tcp Enable IP TCP header compression debugging pap Enable PPP PAP authentication debugging vjcomp packet Enable PPP VJCOMP packet debugging all Enable all de...

Страница 5: ...ket Enable PPP IP packet debugging ipcp Enable PPP IP control protocol debugging lcp Enable PPP network control protocol debugging lqc packet Enable PPP link quality control protocol debugging mp Enab...

Страница 6: ...link control protocol NCP network layer control protocol PAP Password Authentication Protocol and CHAP Challenge Handshake Authentication Protocol It is widely used for it supports user authentication...

Страница 7: ...tion if the name does not exist authentication is denied Otherwise the domain name configured for PPP authentication applies By default no authentication is performed There are two PPP authentication...

Страница 8: ...assword for the local firewall to be authenticated in CHAP mode to mypwd in plain text H3C Virtual Template1 ppp chap password simple mypwd 1 1 7 ppp chap user Syntax ppp chap user username undo ppp c...

Страница 9: ...all from allocating a DNS address to peers By default the firewall does not allocate DNS address to peers When peer devices connect with the firewall through PPP for example when a PC dials in the gat...

Страница 10: ...SP this allows the firewall to accept the unsolicited DNS address allocated by the peer through negotiation and then use the allocated DNS server to resolve domain names Use the undo ppp ipcp dns admi...

Страница 11: ...ipcp remote address forced command on the interface of the firewall Related command remote address Example Set the IP address to be allocated to the peer by the PPP encapsulated interface Dialer1 to 1...

Страница 12: ...Example Enable interface Dialer0 to request for a DNS address H3C Dialer0 ppp ipcp dns request 1 1 12 ppp lqc Syntax ppp lqc forbidden percentage resumptive percentage undo ppp lqc View Interface view...

Страница 13: ...raged to enable PPP LQC on a dial up line That is because in case the link is disabled the DCC would disconnect the dial up line resulting in inability of LQC to work LQC can operate again only after...

Страница 14: ...mode to myuser and mypwd H3C Serial1 0 0 ppp pap local user myuser password simple mypwd 1 1 14 ppp timer negotiate Syntax ppp timer negotiate seconds undo ppp timer negotiate View Interface view Para...

Страница 15: ...face Example Set the time cycle for sending keepalive packets from the interface Ethernet0 0 0 to 20 seconds H3C Ethernet0 0 0 timer hold 20 1 2 PPP Link Efficiency Mechanism Commands 1 2 1 debugging...

Страница 16: ...l context_state error full_header general_info undo debugging ppp compression iphc tcp all context_state error full_header general_info View User view Parameter all Enables all IPHC TCP debugging cont...

Страница 17: ...he display ppp compression iphc rtp command to view the statistic information of the RTP header compression Example H3C display ppp compression iphc rtp 1 2 4 display ppp compression iphc tcp Syntax d...

Страница 18: ...splay ppp compression stac lzs command to view information about STAC LZS compression Example Display information about STAC LZS compression H3C display ppp compression stac lzs Staz lzs compression I...

Страница 19: ...ression iphc View Interface view Parameter nonstandard Nonstandard encapsulation mode Description Use the ppp compression iphc command to enable IP header compression on the interface Use the undo ppp...

Страница 20: ...and to cancel the configuration and restore the default value RTP is connection oriented the number of RTP connections that a link can accommodate is relatively large The use of compression however re...

Страница 21: ...at a link can accommodate is relatively large The use of compression however requires the system to maintain some information for each connection when compressing headers To restrict the memory load g...

Страница 22: ...all you are recommended to disable the function when the load on the firewall is heavy Note that STAC LZS compression can take effect on a PPP link only when the stac lzs option is configured on both...

Страница 23: ...ession iphc 1 2 12 reset ppp compression stac lzs Syntax reset ppp compression stac lzs interface type interface number View User view Parameter interface type Interface type interface number Interfac...

Страница 24: ...ay pppoe server session command to view the status and statistics of PPPoE session Related command link protocol ppp pppoe server bind Example View all the session information of PPPoE H3C display ppp...

Страница 25: ...D Out Discard Discarded packages that might be sent 2 1 2 pppoe server bind virtual template Syntax pppoe server bind virtual template number undo pppoe server bind View Interface view Parameter numbe...

Страница 26: ...f command to enable the output display By default the system outputs the PPP related log information generated by the PPPoE server Example Disable the output display of the PPP related log information...

Страница 27: ...undo pppoe server max sessions remote mac View System view Parameter number Maximum number of PPPoE sessions that can be established at a peer MAC address Description Use the pppoe server max session...

Страница 28: ...max sessions remote mac and pppoe server max sessions local mac Example Set the maximum number of PPPoE sessions established by the system to 300 H3C pppoe server max sessions total 300 2 1 7 reset p...

Страница 29: ...ient error information debugging switch event Enable PPPoE client event debugging switch packet Enable PPPoE Discovery phase negotiation packet debugging switch verbose Display the verbose contents of...

Страница 30: ...Dialer1 dialer enable circular 3 1 3 dialer bundle Syntax dialer bundle number undo dialer bundle View Dialer interface view Parameter number Number of dialer bundle ranging from 1 to 255 Description...

Страница 31: ...the dialer access group By default the interface is not placed in the dialer access group This command is used for associating a physical interface with a dialer access group Through the dialer rule...

Страница 32: ...ponds Description Use the dialer rule command to configure the conditions of the data packet that can trigger a DCC call Use the undo dialer rule command to cancel the setting By default no conditions...

Страница 33: ...By default no remote user name is set This command is only valid on dialer interfaces of Resource Shared DCC Up to 255 Dialer users can be set on one Dialer interface When one Dialer interface is con...

Страница 34: ...display pppoe client session summary There is 2 session in total ID Bundle Dialer Intf Client MAC Server MAC State 1 1 1 Eth0 00e0fc0254f3 00049a23b050 PPPUP 2 2 2 Eth0 00e0fc0254f3 00049a23b050 PPPUP...

Страница 35: ...e of 0 to 1 023 Description Use the interface dialer command to create a dialer circular group for the Circular DCC or configure a dialer interface for the Resource Shared DCC Use the undo interface d...

Страница 36: ...ndle number number Dialer Bundle number corresponding to PPPoE session and its value ranges from 1 to 255 The parameter number can be used to identify a PPPoE session or as a PPPoE session no hostuniq...

Страница 37: ...data to transmit If there is no data transmission on the PPPoE link within seconds the firewall automatically terminates the PPPoE session Only when it has new data to transmit the PPPoE session can b...

Страница 38: ...nd Manual User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands 3 10 Example Clear all PPPoE sessions and re initiate PPPoE session later H3C reset pppoe clien...

Страница 39: ...ce Description Use the display vlan interface command to view the VLAN configuration information about a certain interface only supporting sub interface Example Display the VLAN configuration informat...

Страница 40: ...arameter vid VLAN ID used to identify a VLAN Description Use the display vlan statistics vid command to view packet statistics on a certain VLAN e g the received packet number and the sent packet numb...

Страница 41: ...this VLAN reaches the limitation the subsequently received packets belonging to the VLAN will be discarded Through this command you can perform flow control Related command display vlan max packet pro...

Страница 42: ...o 4094 Description Use the vlan type dot1q command to set the encapsulation type on the sub interface By default there is no encapsulation on the subinterface nor VLAN ID associated with the subinterf...

Результаты поиска

Содержание SecPath Series

Отзывы:

Похожие инструкции для SecPath Series

Бренды по названию

Популярные бренды

H3C SecPath Series, Руководство по управлению

Результаты поиска

Содержание SecPath Series

Отзывы:

Похожие инструкции для SecPath Series

Бренды по названию

Популярные бренды