Lucent Technologies 3000, 6000 Configuration of the MAX as an LNS

Setting Up Virtual Private Networks

Configuring L2TP tunnels for dial-in clients

MAX 6000/3000 Network Configuration Guide 11-43

Table11-5 shows how the system match es the values in the clients’ profiles as it receives

incoming calls and whether the system uses an existing tunnel or creates a new one:

Note: If a caller that does not supply a Client ID string that matches the tunnel-server end

point, so the existing tunnel to that end point (Tunnel-ID 102) is reused.

Configuration of the MAX as an LNS

When the MAX acts as a LNS, it responds to requests by LAC units to establish tunnels. The

LNS does not initiate outgoing requests for tunnels, so configuration of the MAX is simple.

Proceed as follows:

1Open the Ethernet > Mod Config > L2 Tunneling Options menu.

2Set L2TP Mode to either LNS or Both.

3If you require tunnel authentication, set L2TP Auth Enabled to Yes.

You must configure both the LAC and LNS identically, to either require or not require

authentication.

4Set L2TP RX Window to the number of packets that the MAX should receive before it

requests that the sending device stop transmitting packets.

The default is 7. Set the parameter to 0 (zero) to disable flow control in the receiving

direction. The MAX continues to perform flow control for the sending direction reg ardless

of the value of L2TP RX Window.

Table11-5.Tunnels created based on profile settings for incoming callers

Values used to match tunnel: Resulting action Tunnel-ID

Address Client ID Pri. Tunnel

Server

1.1.1.1 a1 a.example.c om Reuse tunnel 102

1.1.1.1 a2 a.example.c om Reuse tunnel 103

1.1.1.1 b b.exampl e.net Establish new

tunnel 104

1.1.1.1 b a.example.com Establish new

tunnel 105

1.1.1.1 a.example.com Reuse tunnel 102

1.1.1.1 a2 b.example.net Establish new

tunnel 106

1.1.1.2 a1 a.example. c om Establish new

tunnel 107

Contents

Main Lucent Technologies Customer Service Finding information and software Obtaining technical assistance Obtaining assistance through email or the Internet Calling the technical assistance center (TAC) Page Contents About This Guide.......................................................................... xxix Chapter 3 Configuring WAN Access............................................................... 3-1 Page Page Chapter 4 Configuring Individual WAN Connections.................................... 4-1 Page Page Page Chapter 5 Configuring Frame Relay............................................................... 5-1 Page Page Chapter 8 Configuring OSPF Routing ............................................................ 8-1 Page Chapter 10 Setting Up IP Multicast Forwarding ............................................ 10-1 Chapter 11 Setting Up Virtual Private Networks............................................ 11-1 Page Chapter 14 Configuring Packet Bridging....................................................... 14-1 Page Page Figures Page Page Page Tables Page About This Guide How to use this guide What you should know Documentation conventions MAX 6000/3000 Series documentation set ! Page Page Introduction Page Configuration Concepts and Profiles Using the MAX as an ISP or telecommuting hub Using the MAX as an ISP hub Using the MAX as a telecommuting hub Overview of MAX configuration Creating a network diagram Configuring lines, slots, and ports for WAN access Configuring WAN connections and security Concentrating Frame Relay connections Enabling X.25 terminal connections Configuring routing and bridging across the WAN Enabling protocol-independent packet bridging Using IPX routing (NetWare 3.11 or later) Configuring Internet services Multicast OSPF routing Virtual Private Networks MAX profiles Obtaining privileges to use the profiles Activating a profile Saving a profile Using RADIUS Using session accounting Where to go next Page Configuring WAN Access Introduction to WAN configuration How the VT100 menus relate to slots and ports on the MAX 6000 System slot T1 or E1 slots Expansion slots How the VT100 menus relate to slots and ports on the MAX 3000 System slot T1 or E1 slot Expansion slots Ethernet slot Etherdata slot Assigning telephone numbers Add-on numbers Hunt groups SPIDS (for Net/BRI lines) How a MAX unit routes inbound and outbound calls Configuring T1 lines Setting the general parameters Connecting to the Central Office switch Signaling mode Switch-specific settings Front-end settings Monitoring line quality Supporting PBX connections Configuring carrier-specific services Using MAXDAX Configuring channels Associating a channel with a slot/port in the MAX un it Assigning nailed channels to groups Assigning channels to trunk groups Assigning channels to hunt groups Typical T1 configurations, with examples Configuring a line for ISDN PRI service Configuring ISDN signaling Configuring the Pre-T310 timer Overlap receiving for the MAX unit Example of ISDN PRI configuration Configuring robbed-bit signaling Example of robbed-bit configuration Using NFAS signaling Example of NFAS configuration Enabling a robbed-bit PBX with PRI access lines (PRI-to-T1 conversion) Other considerations for PRI-to-T1 conversion Example of PRI-to-T1 configuration Assigning bandwidth to a nailed link Performing T1 line diagnostics Configuring E1 lines Setting the general parameters Connecting to the Central Office switch Signaling mode Switch-specific settings Defining how the MAX unit responds during call setup Defining settings for DPNSS signaling on DASS 2 switches Configuring DPNSS signaling Enabling a line for Clock Source use Setting triggers for call-completed information Using MAXDAX Configuring channels Associating a channel with a slot/port in the MAX un it Assigning nailed channels to groups Assigning channels to hunt groups Typical E1 configurations, with examples Using ISDN signaling Using DPNSS signaling Setting up a nailed connection Performing E1 line diagnostics Network Terminating (NT) support for European ISDN PRI ISDN call information Configuring the serial WAN port Configuring a serial WAN connection Example of a serial WAN connection Configuring digital modems 56K modem numbering 8-MOD modem numbering 12-MOD modem numbering Parameters for configuring digital modems Quiescing digital modems and returning them to service Sample configuration Configuring V.110 modems Routing calls to the V.110 modems Example of a V.110 configuration Configuring Personal Handyphone System (PHS) Configuring ISDN BRI network cards Specifying a name and other settings for the profile Setting a lines basic operational parameters Configuring the B channels BN Slot and BN Prt/Grp parameters BN Trnk Grp parameter Configuring add-on numbers and SPIDs Typical Net/BRI configurations, with examples Configuring incoming switched connections Example of incoming switched connection configuration Configuring the Net/BRI line for outbound calls Assigning lines to trunk groups Specifying a trunk group in a Connection profile Displaying information about BRI calls Configuring Host/BRI lines Typical Host/BRI configurations, with examples Routing inbound calls to the terminating device Example of routing inbound calls Enabling the device to make outbound calls Example of configuring outbound calls Configuring local BRI-to-BRI calls Example of configuring BRI-to-BRI calls Configuring IDSL connections BN Slot and BN Prt/Grp parameters Example of IDSL configuration BRI/LT diagnostics Configuring IDSL voice-call support Configuring the MAX IDSL card for outgoing voice calls Configuring the MAX to route incoming voice calls to the IDSL card Performing loopback diagnostics for IDSL Enabling Loop Sealing Current Configuring Host/AIM6 and Host/Dual ports Configuring the inverse-multiplexing port Configuring a Port Config profile Example of a Port Config profile Port diagnostics Configuring the interface to the codec through the serial (UART) port on the Host/Dual card. Pairing ports for dual-port calls Enabling dual-port calls Configuring inverse-multiplexed WAN connections Configuring bandwidth WAN connections Call Password and Flag Idle parameters Configuring an AIM call specified for the ( bandwidth. Example of an AIM call configuration Configuring the FT1-B&O call Example of a FT1-B&O call Configuring a single-channel call Example of configuring a single-channel call Configuring a dual-port call Configuring inbound calls Setting up ISDN subaddressing Example of ISDN subaddressing configuration Specifying answer numbers for destination host ports Specifying host ports slot and port numbers in WAN channel configurations Exclusive port routing Using DNIS-related methods to limit incoming calls Overview Call routing Limiting calls to specific dialed numbers Limiting calls to unspecified dialed numbers Examples of call routing Limiting all modem calls that do not specify a DNIS number Limiting all calls that do not specify a DNIS number Limiting V.110 calls to a specific DNIS number Page Page Page Configuring outbound calls Enabling trunk groups Dialing through trunk group 2 (local port-to-port calls) Dialing through trunk group 3 (Destination profiles) Dialing through trunk groups 49 Dialing through the extended dial plan Matching slot and port specifications (reserved channels) Configuring MAXDAX Introduction How the MAX determines outbound call routing MAXDAX call-routing flowchart Configuring channels on which the MAX unit sends outgoing calls Configuring channels on which the MAX unit receives calls Configuring the MAX unit to directly map channels Configuring the MAX unit to use a specific Dial Plan prof ile Configuring the MAX unit to use a caller-defined Dial Plan profile Page Configuring the MAX unit to use Answer Plan profiles Displaying MAXDAX configurations Examples of MAXDAX configuration (T1) Routing calls on the basis of called number Page Routing calls on the basis of the channel on which MAX 2 rec eives the call Example of MAXDAX configuration (E1) Routing calls on the basis of the channel on which MAX 2 rec eives the call Page Page Configuring Individual WAN Connections Introduction to WAN links The Answer profile Encaps Options Page IP Options IPX Options AppleTalk Options PPP Options Foundation parameters Numeric parameters Graceful shutdown and IPX Header Compression COMB Options V.120 Options X.75 Options PAD Options T3POS Options Timer Options For DTE-initiated calls Miscellaneous Session Options Filter-related parameters Timing parameters Miscellaneous Session Options parameters DHCP Options TCP-Clear Options Configuring an Answer profile Example of a configured Answer profile The Connection profile General Parameters Basic setup parameters Telephone numbers Routing Overview of the Options subprofiles Encaps Options Encaps=MPP DBA monitoring and channel allocation parame ters MRU, LQM and Compression parameters CBCP parameters Miscellaneous Encaps Options parameters Configuring Individual WAN Connections The Connection profile MAX 6000/3000 Network Configuration Guide 4-23 Encaps=MP Encaps=PPP Encaps=COMB Password Reqd Interval Compression Encaps=FR and Encaps=FR_CIR Encaps=X25/PAD NUI and PAD parameters Encaps=X25/T3POS X.25 Prof Recv PW Encaps=X25/IP LCN Encaps Type Page Page Encaps=ARA IP Options Distance parameters SourceIP Check, RIP and Pool parameters Multicast parameters Client parameters IPX Options IPX parameters AppleTalk Options Session Options Timing parameters Miscellaneous Session Options parameters Frame Relay parameters Framed Only OSPF Options Authentication parameters More OSPF parameters Telco Options Group, FT1 Caller, Data Svc, Force 56 parameters Bill #, Call-by-Call, Transit #, NAS Port Type parameters Accounting Options DHCP options Example of setting time limits Configuring Names/Passwords profiles Example of a Names/Passwords profile configuration Configuring PPP connections Example of a single-channel PPP connection Page Example of a PPP connection Enabling PPP dial-out for V.110 modems Configuring MP, MP+ and BACP connections The MP and BACP parameters MP without BACP Enabling BACP for MP Connections Specifying channel counts Dynamic algorithm for calculating bandwidth requirements Time period for calculating average line utilization Target utilization Adding or dropping links (Add Pers, Sub Pers, Inc Ch Count, Dec Ch Count) Guidelines for configuring bandwidth criteria Example of a MP connection without BACP Example of a MP connection with BACP Configuring Lucent MP+ connections The MP+ parameters Channel counts and bandwidth allocation paramete rs Auxiliary password for added channels Bandwidth monitoring Example of MP+ configuration Configuring a nailed/MP+ connection Page Spanning multichannel calls across a stack of units How MP/MP+ call spanning works Bundle ownership Outgoing data Real and stacked channels Connection profiles within a stack Telephone numbers for new MP+ and MP-with-BACP channels Performance considerations for MAX stacking Suggested LAN configurations Suggested hunt group configurations MP+ and MP-with-BACP calls MP-without-BACP calls MP+ calls and MP calls with or without BACP The stacking parameters Configuring a MAX stack Disabling a MAX stack Adding and removing a MAX Configuring bidirectional CHAP support Configuring bidirectional CHAP on the MAX unit Setting up bidirectional CHAP on the MAX unit for all incoming calls Setting up bidirectional CHAP on the MAX unit for selected incoming calls Setting up bidirectional CHAP on the MAX unit for outgoing calls Setting alternative name for CHAP authentication Configuring bidirectional CHAP in RADIUS Setting up bidirectional CHAP in RADIUS for incoming calls Setting up bidirectional CHAP in RADIUS for outgoing calls Setting up selective bidirectional CHAP with callback Setting up an outgoing call with double RADIUS lookups Using double RADIUS lookups in multiprovider networks How to configure double RADIUS lookups Message sequence during an outgoing call using two RADIUS lookups Enhanced support for MS-CHAP LAN Manager MS-CHAP support RADIUS support for MS-CHAP Configuring dial-in PPP for AppleTalk Configuring an AppleTalk PPP connection with a Connection profile Configuring an AppleTalk PPP connection with a Names/Passwords profile Configuring AppleTalk connections from RADIUS Configuring ARA connections Example of an ARA configuration Example of ARA configuration that enables IP access Page Configuring terminal-server connections Connection authentication issues Analog modems and async PPP connection V.120 terminal adapters and PPP connections V.120 terminal adapters with PPP turned off Modem connections V.120 terminal-adapter connections TCP-Clear connections Page TCP-modem connections (DNIS Login) The terminal-server interface Terminal mode Menu mode Immediate mode Enabling terminal-server calls and setting security The modem parameters Example of a modem configuration Configuring terminal mode Example of terminal-mode configuration Configuring immediate mode Example of immediate-mode configuration Configuring menu mode Example of menu-mode configuration Configuring PPP mode Example of PPP configuration Configuring Serial Line IP (SLIP) mode Example of SLIP configuration Configuring dial-out options How to use nonimmediate-modem dial-out How to use immediate-modem dial-out Example of dial-out configuration Configuring a Combinet connection The Combinet bridging parameters Example of Combinet configuration Configuring EU connections The EU parameters EU-RAW and EU-UI Maximum Receive Unit (MRU) DCE address (DCE Addr) DTE address (DTE Addr) Example of an EU connection Example of an EU-UI connection Configuring DHCP services How the MAX assigns IP addresses Plug and Play Reserved address Lease renewal Assignment from a pool Page Setting up a DHCP server Setting up Plug and Play support Setting up DHCP spoofing Configuring POTS capability on the MAX 6000 and MAX 3000 ! FXS line profiles Configuring an FXS line profile Saving alternative configurations Activating an alternative profile Call Routes profile Viewing Call Routes with the DO command Page Internal sorting of call routes First Avail routing Page Fair Share routing Numbering Plan profile Routing outbound calls Examples of Call Routes configurations Automatically prepend trunk digit Automatically strip trunk digit Route by area code Use call-setup parameters Port-to-port routing Examples of Rollover configurations Simple rollover Automatic rollover calls Automatic wildcard rollover Example of a Numbering Plan profile MAXDAX Routing inbound calls Answer Number Routing Line Status Call Detail Reporting Configuring Frame Relay Introduction Frame Relay link management Using the MAX as a Frame Relay concentrator Using the MAX as a Frame Relay switch Components of a Frame Relay configuration Configuring nailed bandwidth for Frame Relay Defining Frame Relay link operations Dialing, billing and signaling parameters Link parameters Timers and event count parameters Settings in a Frame Relay profile Settings in a RADIUS frdlink profile Page Examples of a UNI-DTE link interface Examples of a UNI-DCE link interface Page Examples of an NNI link interface Configuring a DLCI logical interface Overview of DLCI interface settings The Frame Relay connection parameters Gateway connections (Encaps=FR) Frame Relay circuits (Encaps=FR_CIR) FR Direct connections (FR Direct=Yes) Examples of a DLCI interface configuration Examples of backup interfaces for nailed Frame Relay links Page Concentrating incoming calls onto Frame Relay Setting up a Frame Relay gateway Routing parameters in the DLCI profile Routing parameters in RADIUS Examples of a gateway configuration Configuring Frame Relay Direct Page Examples of FR Direct connections Page Configuring the MAX as a Frame Relay switch Overview of circuit-switching options Examples of a circuit between UNI interfaces Page Examples of a circuit between NNI interfaces Page Examples of circuits that use UNI and NNI interfaces Page Page Configuring switched Frame Relay connections Overview Configuring a switched Frame Relay connection Configuring a Frame Relay profile Configuring the Answer profile Establishing the connection Configuring 64 switched Frame Relay connections Examples of RADIUS switched Frame Relay connections Sample RADIUS Frame Relay Data Link profile Sample RADIUS DNIS profile Sample RADIUS CLID profile Configuring a switched Frame Relay connection for an outbound call Sample RADIUS Route profile Sample RADIUS Frame Relay Data Link profile Sample RADIUS user profile Configuring X.25 Introduction to Lucent X.25 implementation Configuring the logical link to an X.25 network Dialing, billing and signaling parameters LAPB parameters X.25 profile parameters Page X.121 and VCE Timer Val parameters Type of connection Example of an X.25 profile configuration Page Configuring X.25 IP connections Max Unsucc. calls, Inactivity Timer, and MRU parameters Call Mode and X.121 parameters Route IP and LAN Adrs Example of an X.25 IP configuration Configuring X.25 PAD connections X.25 PAD parameters X.3 Param Prof VC Timer enable Auto-call X.121 addr Configuring an X.25 PAD connection Example of X.25 PAD Setting up X.25 PAD sessions X.3 parameters and profiles Page Page Page X.25 PAD commands Commands for working with X.3 parameters and profiles X.25 PAD commands for managing calls Page PAD service signals X.25 clear cause codes X.25 diagnostic field values Page Configuring X.25 PAD users from RADIUS Customizing script support for X.25 PAD Parameters and commands X28 terminalserver command X.25 PAD commands Storeprofile Accessing the PAD by using the PAD script support feature Configuring X.32 profiles for incoming switched X.25 connections Net2Net circuit mode ISDN packet mode (on-demand X.25) Setting up ISDN D channel X.25 support Configuring ISDN D channel X.25 support Customized X.25 T3POS support Protocol summary General frames Control frames T3POS Timers DTE-initiated calls Host-initiated calls Flow control References Configuring a T3POS connection Accessing the T3POS Accessing the T3POS from a dial-in connection Accessing the T3POS from the MAX terminal-server interface Accessing the T3POS PAD through immediate mode Always On/Dynamic ISDN (AO/DI) Introduction How it works Configuring an AO/DI connection Configuring the X.25 profile Configuring the Answer profile Configuring a Connection profile to support AO/ DI Displaying AO/DI operation Displaying whether or not the MAX supports AO/DI Displaying active AO/DI calls Displaying packet processing for a specific session RADIUS support for Always On/Dynamic ISDN (AO/DI) Accounting records for each active AO/DI call Start records Stop records AO/DI accounting example 6-44 MAX 6000/3000 Network Configuration Guide 4The AO/DI client drops a B channel from line 1, channel 2. The following Stop record is generated: MAX 6000/3000 Network Configuration Guide 6-45 6The AO/DI client drops the X.25 call. The following Stop record is generated: 6-46 MAX 6000/3000 Network Configuration Guide RADIUS dial-in AO/DI profile for PAP/CHAP with a fixed IP address MAX 6000/3000 Network Configuration Guide 6-47 Changes to show users command Page Configuring IP Fax Store-and-forward IP fax Incoming IP faxes Outgoing IP faxes Configuring system parameters for IP fax modem usage Assigning bandwidth for typical IP fax usage Configuring a typical Call Route profile Specifying the maximum number of parallel dial-outs Configuring IP fax options Example of an IP fax configuration for incoming faxes Example of an IP fax configuration for outgoing faxes Fax hangup codes and disconnect cause codes IP fax call accounting SNMP information about IP fax operation RADIUS support for IP fax operation Page Syslog support for IP fax operation Redialer support on MultiDSP card for store-and-forward fax Atlas redialer and DID support on MAX 6000 units Specifying the type of redialer DID on inbound IP fax calls Server # N (N=1-5) Line identifier DID number Caller ID (if available) Page Configuring OSPF Routing OSPF overview TAOS implementation of OSPF OSPF features Security Support for variable length subnet masks Exchange of routing information Designated and Backup Designated Routers Configurable metrics Hierarchical routing (areas) Stub areas Not So Stubby Areas (NSSAs) The link-state routing algorithm Page Configuring OSPF routing in the MAX Configuring OSPF on the Ethernet interface Make sure the MAX is configured as an IP host Configure the MAX for OSPF Page Configuring OSPF across the WAN Configuring a WAN link that does not support OSPF Page Configuring the MAX as an NSSA internal router Page Configuring IP Routing Introduction to IP routing on the MAX IP address and subnet mask usage in MAX units Default subnet masks Subnet mask format Zero subnetworks IP routing table MAX IP interfaces Ethernet interfaces WAN IP interfaces System-based routing Interface-based routing Configuring LAN interfaces Configuring primary and secondary IP addresses for the LAN Configuring routing table updates Configuring Address Resolution Protocol (ARP) responses Example of configuration of a MAX IP interface on a subnet Page Configuring system-level routing policies Dynamic IP addressing for dial-in hosts Enabling dynamic address assignment Specifying address pools Forcing callers configured for a pool address to accept dynamic assignment Summarizing host routes in routing table advertisements Example of how to set up address pools with route summarization Page Boot Protocol (BOOTP) requests to other networks Name resolution service (DNS or WINS) DNS lists Client DNS Example of address resolution configuration Configure local DNS service Creating a local DNS table Configuring the local DNS table Entering hostnames and IP addresses in the local DNS table Editing the local DNS table Deleting an entry from the local DNS table Configuring DHCP services How the MAX assigns IP addresses when acting as a DHCP server Plug and Play Page Enable and configure DHCP spoofing Enable dynamic IP addressing Reserve IP addresses for specific hosts Final DHCP settings Example of DHCP server configuration Translating network addresses for a LAN Single-address NAT and port routing Outgoing connection address translation Incoming connection address translation Translation-table size Multiple-address NAT Page Configuring single- or multiple-address NAT NAT for Frame Relay Configuring NAT port routing (Static Mapping subprofiles) Routing all incoming sessions to the default ser ver Routing incoming sessions to up to ten servers on the private LAN Disabling routing for specific ports Support for QuickTime audio/video streaming Additional system-level services Setting and maintaining system time Telnet password Shared Connection profiles Dial-out routes in a redundant configuration UDP checksums for ensuring data integrity Suppressing host route advertisements Configuring WAN interfaces Enabling IP routing Configuring routes for WAN connections Specify the remote IP address Configuring numbered-interface routing Specifying a local IP interface address Enabling dynamic IP addressing Assigning metrics and preferences Configuring RIP on a WAN interface IP Direct configuration system discards packets that do not originate on Remote host requirements for WAN connections UNIX software Windows or OS/2 software Macintosh software TCP/IP software configuration Examples of WAN interface configuration Configuring dynamic address assignment to a dial-in host Configuring pools using local profiles Configuring RADIUS pseudo-user profiles Configuring a host connection with a static address Page Configuring an IP Direct connection Configuring a router-to-router connection Configuring a router-to-router connection on a subnet Page Configuring a numbered interface Page Type of service (TOS) support for selecting quality of service Defining TOS policy within a profile Page Page Defining TOS filters Examples of connection-based TOS configuration Specifying a QoS for all packets matching a local Filter profile Settings in RADIUS Page Example of defining a TOS filter Example of applying TOS filters to WAN connections Applying a filter to a Connection profile Applying a TOS filter to a RADIUS profile Configuring IP routes Static routes Dynamic routes Route preferences and metrics on a MAX unit Static route configuration Settings in a Static Route profile Page Settings in a RADIUS route profiles Route settings in a RADIUS user profile Connection-specific private static routes (RADIUS only) Configuring the default route Defining a static route to a remote subnet Example of route preferences configuration Dynamic route configuration Example of RIP and ICMP configuration Setting Up IP Multicast Forwarding Introduction to multicast forwarding Configuring multicast forwarding Enabling multicast forwarding Identifying the MBONE interface Multicast forwarder polling activities Configuring the MAX to support multicast clients Multicast interfaces Implicit priority setting for dropping multicast packets Monitoring connectivity problems through heartbeat monitoring Examples of multicast forwarding configuration Forwarding from an MBONE router on Ethernet Forwarding from an MBONE router on a WAN link Configuring the MAX to respond to multicast clients Configuring the MBONE interface Configuring multicasting on WAN interfaces Page Setting Up Virtual Private Networks Introduction to Virtual Private Networks Configuring ATMP tunnels How the MAX creates ATMP tunnels Setting the UDP port Setting an MTU limit How link compression affects the MTU How ATMP tunneling causes fragmentation Pushing the fragmentation task to connection end-points Forcing fragmentation for interoperation with outdated clients Router and gateway mode Configuring the Foreign Agent 11-6 MAX 6000/3000 Network Configuration Guide Setting Up Virtual Private Networks Configuring ATMP tunnels Following are the parameters (shown with sample settings) for using RADIUS authentication: Understanding the Foreign Agent parameters and attributes Page Example of configuring a Foreign Agent (IP) Example of configuring a Foreign Agent (IPX) Configuring a Home Agent Configuring a Home Agent in router mode Understanding the ATMP router mode parameters Routing to the mobile client Example of configuring a Home Agent in router mode (IP) Example of configuring a Home Agent in router mode (IPX) Configuring a Home Agent in gateway mode Limiting the maximum number of tunnels Enabling RIP on the interface to the home router Gateway-mode parameters Page Understanding the ATMP gateway-mode parameters IP configuration and Connection profile Connection profile to the home network Example of configuring a Home Agent in gateway-mode (IP) Example of configuring a Home Agent in gateway mode (IPX) Page Specifying the tunnel password Setting an idle timer for unused tunnels Configuring the MAX as an ATMP multimode agent Page Page Supporting mobile client routers (IP only) Home Agent in router mode Home Agent in gateway mode ATMP connections that bypass a Foreign Agent Configuring PPTP tunnels for dial-in clients How the MAX works as a PAC Understanding the PPTP PAC parameters Enabling PPTP Specifying a PRI line for PPTP calls and the PNS IP addr ess Example of a PAC configuration Example of a PPTP tunnel across multiple POPs Routing a terminal-server session to a PPTP server Configuring L2TP tunnels for dial-in clients Elements of L2TP tunneling How the MAX creates L2TP tunnels Proxy LCP and authentication support for L2TP LAC and LNS mode Tunnel authentication Client authentication Flow control Using the Tunnel-Assignment-ID (82) RADIUS attribute for L2TP Example of configuring a tunnel assignment ID Tunnel-Assignment-ID (82) Identification (name) assigned to tunnels to allow grouping of RADIUS accounting support Configuration of the MAX as an LAC Understanding the L2TP LAC parameters Configuring the MAX Configuring systemwide L2TP LAC parameters Enabling L2TP tunneling for an entire WAN line Enabling L2TP tunneling on a per-user basis Using multiple L2TP system names Overview of RADIUS attribute-value pairs Example of tunnel authentication Example of connection-based tunnel authentication Example of server-based tunnel authentication Creating parallel L2TP tunnels to the same end point How the system finds a matching tunnel How the system name is selected Example of how Client ID settings create parallel tunnels 1.1.1.1 a1 a.example.com 102 1.1.1.1 a2 a.example.com 103 Configuration of the MAX as an LNS Using DNS list attempts for L2F and L2TP Using Tunnel Options to support tunneling protocols SNMP MIB for L2TP Added l2tpConfig l2tpStats l2tpDomainStatsTable l2tpTunnelStatsTable Configuring Virtual Routers Background l2tpSessionStatsTable l2tpSessionStatsTable (LNS only) Current limitations Accessible Vrouter profiles Creating a Virtual Router profile Required Connection profile settings Required Static Rtes profile settings Disabling a Virtual Router profile VRouter support for L2TP tunneling Configuring VRouter support for IPX networks Enabling the VRouter feature on IPX RADIUS profiles Page Configuring IPX Routing Introduction to IPX routing IPX Service Advertising Protocol (SAP) tables IPX Routing Information Protocol (RIP) tables IPX and PPP link compression Lucent extensions to standard IPX IPX Route profiles IPX SAP filters WAN considerations for NetWare client software Enabling IPX routing in the MAX Examples of IPX routing configuration A basic configuration using default values A more complex example Verifying the router configuration Configuring IPX routing connections Answer profile parameters Connection profile parameters Page Peer dial-in for routing to NetWare clients Controlling RIP and SAP transmissions across the WAN connection Dial Query for bringing up a connection on the basis of service queries Netware t/o watchdog spoofing SAP HS Proxy (NetWare SAP Home Server Proxy) Examples of IPX routing connections Configuring a dial-in client connection Configuring a connection between two LANs Configuring the MAX at Site A Page Configuring the MAX at Site B Configuring a connection with local servers only To configure the MAX at Site A To configure the Pipeline at Site B Configuring static IPX routes Settings in local Static route profiles Page Example of static-route configuration Creating and applying IPX SAP filters Input SAP filters and output SAP filters Applying IPX SAP filters Example of IPX SAP filter configuration Page Page AppleTalk Routing Introduction to AppleTalk routing When to use AppleTalk routing Reducing broadcast and multicast traffic Providing dynamic startup information to local devices AppleTalk zones and network ranges AppleTalk zones Extended and nonextended AppleTalk networks Page MAX units and AppleTalk nodes Configuring AppleTalk routing System-level AppleTalk routing parameters Answer profile parameters Per-connection AppleTalk routing parameters Configuring an AppleTalk connection with RADIUS Page Configuring Packet Bridging Introduction to Lucent bridging Disadvantages of bridging How the MAX initiates a bridged WAN connection Physical addresses and the bridge table Broadcast addresses Establishing a bridged connection Enabling bridging How the MAX supports bridging Transparent bridging Configuring bridged connections Bridge and Recv Auth Station Bridge and Dial Brdcast Netware t/o and Handle IPX Name, Active, and Recv PW Bridge Adrs parameters RADIUS bridging attributes Using RADIUS to configure bridge table entries Bridge profile configuration examples Example of a bridged connection Page IPX bridged configurations The IPX bridging parameters IPX Frame Route IPX Handle IPX Netware t/o (watchdog spoofing) Example of an IPX client bridge (local clients) Example of an IPX server bridge (local servers) Configuring proxy mode on the MAX Defining Static Filters Filter overview Basic types of filters Data and call filters How filters work Generic filters IP filters Type of Service filters IPX filters Specifying a filters direction Specifying a filters forwarding action Defining generic filters Page Specifying the offset to the bytes to be examined Specifying the number of bytes to test Masking the value before comparison Examples of a generic call filter Defining IP filters Page Page Filtering by source or destination address Filtering by port numbers Examples of an IP filter to prevent local address spoofing Examples of an IP filter for more complex security issues Page Defining Type of Service filters Page Page Examples of defining a TOS filter Defining IPX filters Filtering by source or destination address Filtering by socket number Example of an outbound IPX filter Example of an inbound IPX filter Applying a filter to an interface Settings in local profiles How the system uses the Answer Default parameter Examples of applying a data filter to a WAN interface Examples of applying a call filter to a WAN interface Examples of applying a TOS filter to a WAN interface Example of applying a filter to a LAN interface Page Index A B C D Page E F G H I Page K L M N O P Q R S Page T U V W X Z