default-domain authentication (L2TP group view)

Function

The default-domain authentication command specifies the authentication domain for L2TP users.

The undo default-domain authentication command cancels the authentication domain of L2TP users.

By default, no authentication domain is specified for L2TP users. The command is valid only on the LNS.

This command is supported only on the NetEngine 8000 F1A.

Format

default-domain authentication domain-name

default-domain authentication force domain-name

default-domain authentication replace domain-name

undo default-domain

Parameters

Parameter	Description	Value
domain-name	Specifies the default authentication domain name of the L2TP user.	The value is a string of 1 to 64 characters. The specified domain must already exist.
force domain-name	Specifies the default mandatory authentication domain of the L2TP user.	The value is a string of 1 to 64 characters. The specified domain must already exist.
replace domain-name	Specifies the default replaced authentication domain of the L2TP user.	The value is a string of 1 to 64 characters. The specified domain must already exist.

Parameter

Description

Value

domain-name

Specifies the default authentication domain name of the L2TP user.

The value is a string of 1 to 64 characters. The specified domain must already exist.

force domain-name

Specifies the default mandatory authentication domain of the L2TP user.

The value is a string of 1 to 64 characters. The specified domain must already exist.

replace domain-name

Specifies the default replaced authentication domain of the L2TP user.

The value is a string of 1 to 64 characters. The specified domain must already exist.

Views

L2TP group view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
l2tp	write

Usage Guidelines

Usage Scenario

The default-domain authentication command specifies the default authentication domain for the L2TP user. When a user goes online at the LAC side by using a user name without domain name, the LNS assigns the user to the default domain. The user domain adopts the configuration of the default domain. If the default authentication domain is not specified, that is, the user goes online at the LAC side by using a user name without domain name, the LNS considers the user going online from domain default1.

The default-domain authentication force command specifies the mandatory authentication domain for L2TP users. When a user goes online at the LAC side, the LNS assigns the user to the mandatory authentication domain, but does not change the domain name. The user domain adopts the configuration of the mandatory authentication domain.

The default-domain authentication replace command specifies the replaced authentication domain for L2TP users. When a user goes online at the LAC side, the LNS switches the user to the replaced domain and changes the user domain name to the name of the replaced authentication domain. The user domain adopts the configuration of the replaced authentication domain.

Precautions

In VS mode, this command is supported only by the admin VS.

Example

# Set the default authentication domain of the L2TP users in L2TP group lns1 to ISP1.

<HUAWEI> system-view
[~HUAWEI] aaa
[~HUAWEI-aaa] domain isp1
[~HUAWEI-aaa-domain-isp1] commit
[~HUAWEI-aaa-domain-isp1] quit
[~HUAWEI-aaa] quit
[~HUAWEI] l2tp-group lns1
[*HUAWEI-l2tp-lns1] default-domain authentication isp1