Configuring L2TP Services

Planning Considerations for an L2TP Network

This guide primarily explains how to configure a Bay Networks BLN, BCN, or ASN router as an LNS in an L2TP network. To successfully operate in an L2TP network, obtain the following information to configure the LNS.

Tunnel Authentication Passwords

If you plan to enable tunnel authentication, which is optional for the Bay Networks LNS, you must obtain the LAC password from your ISP. For more information about the authentication process, see “ Tunnel Authentication” on page 1-12.

RADIUS Server Information

The Bay Networks implementation of L2TP requires that you configure a RADIUS server to perform user authentication and to assign IP addresses to remote users.

For the RADIUS server, do the following:

Configure the RADIUS server with user names and domain names.

Obtain the address and password of the RADIUS server to enter in the LNS configuration.

Configure the RADIUS server to assign IP addresses to remote users.

This address identifies the remote user to the LNS during an L2TP session. If the remote user does not have a preconfigured address, the only way to assign addresses is by the RADIUS server. This address is also used for network communication across the subscriber network.

For more information about configuring Bay Networks routers as RADIUS servers, see Configuring RADIUS.

2-2

303532-A Rev 00

Page 36
Image 36
Nortel Networks Planning Considerations for an L2TP Network, Tunnel Authentication Passwords, Radius Server Information

L2TP specifications

Nortel Networks L2TP, or Layer 2 Tunneling Protocol, is a widely recognized networking protocol that enables the tunneling of data over various networks. Initially developed as an extension of the Point-to-Point Tunneling Protocol (PPTP), L2TP integrates components from both PPTP and Layer 2 Forwarding (L2F). Nortel Networks played a significant role in the development and implementation of L2TP, making it a prominent choice for service providers and enterprise networks seeking secure and efficient connectivity.

One of the primary features of L2TP is its ability to encapsulate data packets, allowing the transport of PPP (Point-to-Point Protocol) frames without necessitating the traditional point-to-point connections. This means L2TP can operate across different networks, facilitating remote access connections and VPNs (Virtual Private Networks). As a result, organizations can achieve greater flexibility in managing their communications infrastructure.

Another key characteristic of L2TP is its support for both IPv4 and IPv6, ensuring compatibility with current and future networking environments. L2TP operates at the link layer of the OSI model, which means it functions between the data link and network layers, making it versatile for various applications. By using UDP (User Datagram Protocol) as a transport protocol, L2TP ensures efficient data transmission while maintaining lower latencies.

Security is a critical aspect of L2TP. While L2TP itself does not provide encryption, it is often paired with IPSec (Internet Protocol Security) for enhanced security protocols. This combination offers both tunneling and encryption, creating a secure framework for transmitting sensitive information across potentially insecure networks, such as the Internet.

L2TP also features various authentication methods, allowing for robust access control. It supports various schemes like PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol), giving network administrators a range of options to ensure the legitimacy of users accessing the network.

In summary, Nortel Networks L2TP is a powerful tunneling protocol known for its flexibility, compatibility, and security features. Its ability to encapsulate data for efficient transport makes it ideal for remote access and VPN applications. As organizations continue to demand secure, seamless connectivity, L2TP remains a resilient choice within the shifting landscape of networking technologies.