L2TP Overview

L2TP Access Concentrator (LAC)

The L2TP access concentrator (LAC) resides at the ISP network. The LAC establishes the L2TP tunnel between itself and the LNS.

Note: In this guide, the term LAC refers to a remote access server with L2TP capabilities. The term RAS refers to a remote access server without L2TP capabilities.

When the remote user places a call to the ISP network, this call goes to the LAC. The LAC then negotiates the activation of an L2TP tunnel with the LNS. This tunnel carries data from the remote user to the corporate network.

For more information about the Bay Networks implementation of the LAC in an L2TP network, see “ Bay Networks L2TP Implementation” on page 1-11.

Remote Access Server (RAS)

The remote access server (RAS) resides at the ISP network. If the remote host is an L2TP client, the tunnel is established from the remote client through a RAS to an LNS at the corporate network. In this situation, there is no need for a LAC.

The RAS does not establish the tunnel; it only forwards already tunneled data to the destination.

Tunnel Management Server (TMS)

At the ISP network, there needs to be a mechanism for identifying L2TP tunneled users so that the LAC can construct the L2TP tunnel. Bay Networks uses a mechanism called a tunnel management server (TMS); other vendors may use a different method.

303532-A Rev 00

1-5

Page 21
Image 21
Nortel Networks manual L2TP Access Concentrator LAC, Remote Access Server RAS, Tunnel Management Server TMS

L2TP specifications

Nortel Networks L2TP, or Layer 2 Tunneling Protocol, is a widely recognized networking protocol that enables the tunneling of data over various networks. Initially developed as an extension of the Point-to-Point Tunneling Protocol (PPTP), L2TP integrates components from both PPTP and Layer 2 Forwarding (L2F). Nortel Networks played a significant role in the development and implementation of L2TP, making it a prominent choice for service providers and enterprise networks seeking secure and efficient connectivity.

One of the primary features of L2TP is its ability to encapsulate data packets, allowing the transport of PPP (Point-to-Point Protocol) frames without necessitating the traditional point-to-point connections. This means L2TP can operate across different networks, facilitating remote access connections and VPNs (Virtual Private Networks). As a result, organizations can achieve greater flexibility in managing their communications infrastructure.

Another key characteristic of L2TP is its support for both IPv4 and IPv6, ensuring compatibility with current and future networking environments. L2TP operates at the link layer of the OSI model, which means it functions between the data link and network layers, making it versatile for various applications. By using UDP (User Datagram Protocol) as a transport protocol, L2TP ensures efficient data transmission while maintaining lower latencies.

Security is a critical aspect of L2TP. While L2TP itself does not provide encryption, it is often paired with IPSec (Internet Protocol Security) for enhanced security protocols. This combination offers both tunneling and encryption, creating a secure framework for transmitting sensitive information across potentially insecure networks, such as the Internet.

L2TP also features various authentication methods, allowing for robust access control. It supports various schemes like PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol), giving network administrators a range of options to ensure the legitimacy of users accessing the network.

In summary, Nortel Networks L2TP is a powerful tunneling protocol known for its flexibility, compatibility, and security features. Its ability to encapsulate data for efficient transport makes it ideal for remote access and VPN applications. As organizations continue to demand secure, seamless connectivity, L2TP remains a resilient choice within the shifting landscape of networking technologies.