Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

security vpn l2tp remote-access authentication radius-server <ipv4> key <key>

Defines a RADIUS server authenticating L2TP VPN remote users.

set security vpn l2tp remote-access authentication radius-server ipv4 key key
delete security vpn l2tp remote-access authentication radius-server ipv4 [ key ]
show security vpn l2tp remote-access authentication radius-server ipv4 [ key ]
ipv4
Multi-node. The IPv4 address of the RADIUS server. Mandatory if authentication mode is radius.

You can define more than one RADIUS server by creating multiple radius-server configuration nodes.

key
The password for the RADIUS server. This must be the same as that recorded on the RADIUS server. Mandatory if authentication mode is radius.

Supported characters are alphanumeric, space, and special characters. Strings containing spaces must be enclosed in double quotes.

Configuration mode


security {
          vpn {
             l2tp {
                    remote-access {
                       authentication {
                          radius-server ipv4 {
                                       key key
                }    
             }   
          }  
       } 
    }
}

Use this command to define one or more RADIUS servers for authenticating remote L2TP VPN and the login credentials required to access it.

At least one RADIUS server must be defined if RADIUS is set as the user authentication mode.

RADIUS servers are queried in the order they were configured. If the query to the first RADIUS server times out, the next RADIUS server in the list is queried. If no query is successful, the login attempt fails.

The RADIUS secret is specified in plain text. RADIUS secrets are stored in plain text on the system, and used as part of a cryptographic operation for transferring authentication information securely over the network. When you view RADIUS secrets, they are displayed in plain text.

Use the set form of this command to define a RADIUS server. Note that you cannot use set to change the IP address of a defined server. To change the server's IP address, delete the server and create a new one.

Use the delete form of this command to remove the RADIUS server configuration node or the key. Note that the key is mandatory; if you delete the key, you must configure another one.

Use the show form of this command to display RADIUS server configuration.