Nortel Networks L2TP manual Data Path Through the Network

Page 74

Configuring L2TP Services

6.In the L2TP Tunneling Security window, enable tunnel authentication.

Parameter Name

Value

 

 

Enable Tunnel Authentication

Enable

 

 

Tunnel Authentication Password

LAC1

 

 

7.In the L2TP IP Interface window, enter the L2TP IP address.

Parameter Name

Value

 

 

L2TP IP Interface Address

192.32.68.2

 

 

Subnet Mask

255.255.255.0

 

 

During the L2TP session, the RADIUS server assigns the following IP addresses:

jsmart@baynetworks.com: 192.32.40.1

mmark@baynetworks.com: 192.32.40.2

These addresses are stored in the RADIUS server database.

Data Path Through the Network

After all components of the network are configured, jsmart can place a call to the local ISP. The LAC that receives this call sends the user name to the TMS, which verifies the domain name and address and sends this information back to the LAC so that it can forward the data.

The LAC then negotiates the initiation of the tunnel with the LNS, and the tunnel is brought up. The LNS then authenticates jsmart@baynetworks.com with the RADIUS server. After the RADIUS server grants access, it assigns the address

192.32.40.1to jsmart, to include the remote host (jsmart’s PC) in the virtual private network.

Data now passes through the tunnel from jsmart’s PC to the LNS for the duration of the L2TP session. When jsmart disconnects the call, the session is terminated. If no other active sessions are using the tunnel, the tunnel is brought down.

B-4

303532-A Rev 00

Image 74
Contents Configuring L2TP Services Copyright 1998 Bay Networks, Inc Bay Networks, Inc. Software License Agreement Rev Contents Chapter Starting L2TP Appendix B Configuration Examples Page Figures Page Tables Page Preface Before You BeginText Conventions Italic textAcronyms How to Get Help Bay Networks Technical PublicationsChapter L2TP Overview TopicWhat Is Tunneling? L2TP BenefitsL2TP Sessions Components of an L2TP Network Remote HostTunnel Management Server TMS L2TP Access Concentrator LACRemote Access Server RAS L2TP Network Server LNS Radius ServerL2TP Network Using a LAC Examples of L2TP NetworksL2TP Packet Encapsulation Packet Encapsulation ProcessMaking a Connection Across an L2TP Network Security in an L2TP Network Bay Networks L2TP Implementation Tunnel Authentication Tunnel ManagementShows tunnel authentication Radius User Authentication Radius Accounting L2TP IP Interface AddressesRemote Router Configuration Remote Router Dialing the LNSWhere to Go Next If you want to Go toPage Chapter Starting L2TP Radius Server Information Tunnel Authentication PasswordsPlanning Considerations for an L2TP Network Tools Choose Configuration Manager Preparing a Configuration FileSite Manager Procedure You do this System responds Choose Local File , Remote File , orEnabling L2TP on an Unconfigured WAN Interface Subnet MaskChoose Add/Delete Enabling L2TP on an Existing PPP InterfaceChoose Edit Circuit Configuring L2TP Services Enabling L2TP on an Existing Frame Relay Interface Configuration is completed You do this System responds Site Manager ProcedureEnabling L2TP on an Existing ATM Interface Choose Group ProtocolsChoose Service Attributes Choose ProtocolsChapter Customizing L2TP Services Modifying the L2TP Protocol Configuration Choose L2TP ConfigurationModifying Radius Server Information Radius Server onChanging the LNS System Name Modifying the Number of L2TP Sessions Permitted Keeping the Remote User’s Domain Name Set the Remove Domain NameChanging the Domain Name Delimiter Set the Domain Name DelimiterEnabling Tunnel Authentication Choose Tunnel AuthenticationModifying L2TP IP Interface Addresses Choose L2TP IP InterfaceDisabling RIP Disabling L2TPCustomizing L2TP Services Deleting L2TP from a PPP InterfaceDeleting L2TP from a Frame Relay Interface Deleting L2TP from an ATM Interface Site Manager Procedure Appendix a L2TP Parameters TopicL2TP Configuration Parameters Figure A-1. L2TP Configuration List WindowParameter Receive Window Size Parameter Enable L2TPParameter Max L2TP Sessions Parameter Maximum Retransmit Parameter Retransmit Timer secondsParameter Hello Timer seconds Parameter Radius Primary Server IP Address Parameter Ack Timeout millisecondsParameter LNS System Name Parameter Tunnel Flow Control Parameter Radius Primary Server PasswordParameter Radius Client IP Address Parameter Remove Domain Name Parameter Domain Name DelimiterL2TP Tunnel Security Parameters Figure A-2. L2TP Tunnel Security List WindowParameter Enable Tunnel Authentication Parameter Tunnel Authentication PasswordL2TP IP Interface Parameters Figure A-3. L2TP IP Interface List WindowParameter L2TP IP Interface Address Parameter Subnet MaskParameter RIP Enable Appendix B Configuration Examples Example 1 Remote PC Calling the Corporate NetworkConfiguring the Remote Hosts Figure B-1. L2TP Network with PCs at the Remote SiteDomain name baynetworks.com Configuring the LACs and the TMSConfiguring the LNS Parameter Name Value IP Address 192.32.16.55Data Path Through the Network L2TP IP Interface window, enter the L2TP IP addressExample 2 Remote Router Calling the Corporate Network Figure B-2. L2TP Network with Routers at the Remote SiteParameter Name Value RFC1661 Compliance Enable Configuring the Dial-on-Demand CircuitConfiguring the PPP Interface Appendix C Troubleshooting Problem What to DoTable C-1 Common L2TP Network Problems and Solutions Index L2TPIndex-2

L2TP specifications

Nortel Networks L2TP, or Layer 2 Tunneling Protocol, is a widely recognized networking protocol that enables the tunneling of data over various networks. Initially developed as an extension of the Point-to-Point Tunneling Protocol (PPTP), L2TP integrates components from both PPTP and Layer 2 Forwarding (L2F). Nortel Networks played a significant role in the development and implementation of L2TP, making it a prominent choice for service providers and enterprise networks seeking secure and efficient connectivity.

One of the primary features of L2TP is its ability to encapsulate data packets, allowing the transport of PPP (Point-to-Point Protocol) frames without necessitating the traditional point-to-point connections. This means L2TP can operate across different networks, facilitating remote access connections and VPNs (Virtual Private Networks). As a result, organizations can achieve greater flexibility in managing their communications infrastructure.

Another key characteristic of L2TP is its support for both IPv4 and IPv6, ensuring compatibility with current and future networking environments. L2TP operates at the link layer of the OSI model, which means it functions between the data link and network layers, making it versatile for various applications. By using UDP (User Datagram Protocol) as a transport protocol, L2TP ensures efficient data transmission while maintaining lower latencies.

Security is a critical aspect of L2TP. While L2TP itself does not provide encryption, it is often paired with IPSec (Internet Protocol Security) for enhanced security protocols. This combination offers both tunneling and encryption, creating a secure framework for transmitting sensitive information across potentially insecure networks, such as the Internet.

L2TP also features various authentication methods, allowing for robust access control. It supports various schemes like PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol), giving network administrators a range of options to ensure the legitimacy of users accessing the network.

In summary, Nortel Networks L2TP is a powerful tunneling protocol known for its flexibility, compatibility, and security features. Its ability to encapsulate data for efficient transport makes it ideal for remote access and VPN applications. As organizations continue to demand secure, seamless connectivity, L2TP remains a resilient choice within the shifting landscape of networking technologies.