43 CONFIGURING L2TP

VPDN and L2TP

Overview

A Virtual Private Dial Network (VPDN) is implemented using the dial-up and access
services of the public network (ISDN and PSTN), and provides access services for
enterprises, small ISPs, and mobile offices.

VPDN uses private communication protocols with network encryption features,
so enterprises can establish safe VPNs on public networks. Branch employees can
connect to their enterprise's remote internal network through virtual encrypted
tunnels, while other users on public networks cannot access the Intranet resources
through such virtual tunnels.

A VPDN system is composed of a NAS (Network Access Server), user-side equipment,
and management tools.

The NAS is provided by telecom departments or large ISPs. As the access
server of the VPDN, the NAS provides WAN interfaces for connecting to the PSTN or
ISDN, and supports various LAN protocols, security management and
authentication, tunneling, and other related techniques.

The user-side equipment is located in the headquarters of an enterprise.
Depending on the network function required, the equipment can act as a
NAS, router, or firewall.

The management tools are responsible for managing VPDN equipment and users,
and include NMS and AAA.

Remote dial-up users access the local ISP's NAS by dialing in over the local PSTN
or ISDN. Using the connection to the local ISP and a suitable tunneling protocol
that encapsulates the higher-level protocol, a VPN is established between the NAS
and the peer gateway.

VPDN Operation

The VPDN tunneling protocol can be PPTP, L2F, or L2TP; L2TP is the dominant protocol.
When L2TP is used to build a VPDN, the typical networking is as illustrated in
Figure 179.