Specify where to find the authentication file used to authenticate
l2tp tunnels. The default is /usr/local/etc/l2tp/l2tp-secrets.
Specify which IP address l2tpd should use. The default is all addresses.
Specify which udp port l2tpd should use. The default is 1701.
If set to use, the l2tpd process will only accept connections from
peers addresses specified in the following sections. CHECK
exclusive If set to yes, only one control tunnel will be allowed to be built between 2 peers. CHECK
(no) ip range Specify the range of ip addresses the LNS will assign to the connecting LAC PPP tunnels. Multiple ranges can be defined. Using the no statement disallows the use of that particular range. Ranges are defined using the format IP - IP (example: 220.127.116.11 - 18.104.22.168)
(no) lac Specify the ip addresses of LACs which are allowed to connect to l2tpd acting as a LNS. The format is the same as the ip range option.
hidden bit If set to yes, l2tpd will use the AVP hiding feature of L2TP. To get more information about hidden AVPs and AVP in general, refer to rfc2661 (add URL?)
local ip Use the following IP as l2tpds own ip address.
length bit If set to yes, the length bit present in the l2tp packet payload will be used.
(refuse | require) chap Will require or refuse the remote peer to get authenticated via CHAP for the ppp authentication.
(refuse | require) pap Will require or refuse the remote peer to get authenticated via PAP for the ppp authentication.
(refuse | require) authentication Will require or refuse the remote peer to authenticate itself.
unix authentication If set to yes, /etc/passwd will be used for remote peer ppp authentication.
hostname Will report this as the l2tpd hostname in negociation.
ppp debug This will enable the debug for pppd.
pppoptfile Specify the path for a file which contains pppd configuration parameters to be used.
call rws This option is deprecated and no longer functions. It used to be used to define the flow control window size for individual L2TP calls or sessions. The L2TP standard (RFC2661) no longer defines flow control or window sizes on calls or sessions.
tunnel rws This defines the window size of the control channel. The window size is defined as the number of outstanding unacknowledged packets, not as a number of bytes.
flow bits If set to yes, sequence numbers will be included in the communication. The feature to use sequence numbers in sessions is currently broken and does not function.
challenge If set to yes, use challenge authentication to authenticate peer.
The following are LAC specific configuration flags. Most of those described in the LNS section may be used in a LAC context, where it make common sense (essentially l2tp procotols tuning flags and authentication / ppp related ones).
lns Set the dns name or ip address of the LNS to connect to.
redial If set to yes, l2tpd will attemps to redial if the call get disconected.
redial timeout Wait X seconds before redial. The redial option must be set to yes to use this option.
max redial Will give up redial tries after X attempts.
/usr/local/etc/l2tp/l2tpd.conf /usr/local/etc/l2tp/l2tp-secrets /var/run/l2tp-control
Please address bugs and comment to firstname.lastname@example.org
Jeff McAdams <email@example.com>
Previous development was hosted at sourceforge (http://www.sourceforge.net/projects/l2tpd) by:
Based off of l2tpd version 0.60
Copyright (C)1998 Adtran, Inc.
Mark Spencer <firstname.lastname@example.org>
|Jean-Francois Dive||L2TPD.CONF (5)|