Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Client initiated L2TP and control channel passwords

I am building a CVS application for CPEs that use client-initiated tunneling feature. IOS version is 12.4(6)T3. The l2tp-class is

configured as below:

l2tp-class l2tpclass1

password 7 15145D015037812E70

The password string changes at a regular interval. I have two questions w.r.t the password changes.

1) Why does it happens? I have not seen this happening on other passwords that use encryption type 7. I could not find any references to this in "L2TP Control Channel Authentication Parameters" documentation.

2) Is there a way to stop this behavior? Currently there is a diff. generated even though the actual configuration has not changed because of the change in password string.


- Gaurav


Re: Client initiated L2TP and control channel passwords

If you configure "username xxxx password yyyyy" on a system, the encrypted form of the password will in fact change each time you do a "write memory." This is part of a "random seed" that's supposed to make the coded password harder to crack. If the box was actually configured by reading an NV config that contains the "password 7 151E080214382420" form, it should stay that way (basically, the internal format used to store the password is always the form it was "entered" in, and the password is encrypted appropriately (if it's not already encrypted) when you do the "writes.

CreatePlease login to create content