Tunnel Management Server; Customer/Home/Internet Service Provider Network; Customer Premise Equipment (Cpe) - Bay Networks Baystream 7 Configuration And Troubleshooting Manual

Configuring and Troubleshooting Bay Dial VPN Services

Tunnel Management Server

The NAS retrieves the tunnel configuration attributes from its tunnel management
system (TMS) database residing on the tunnel management server and uses them
to build a tunnel into the customer's network. Once the tunnel is open, the user can
be authenticated at the customer's network. Dial VPN lets you choose between
two methods of tunnel management: erpcd-based or RADIUS-only.

- In the erpcd-based method, the TMS hosts a database application (the Tunnel
  Management System) that controls the IP tunnel establishment attempt from
  the NAS. TMS runs on the same UNIX host as the Access Control Protocol
  (ACP) software. The NAS and the TMS communicate using the Bay
  Networks proprietary Expedited Remote Procedure Call Daemon (erpcd or
  Secure erpcd).
- In the RADIUS-only method, a RADIUS server resides on the service
  provider site and manages the TMS database. The NAS and the RADIUS
  server communicate using IP over the service provider network.

The TMS database lets the NAS query for the addressing information it needs to
construct the IP tunnel. This query is based on the user domain name, and on the
policy and state information of the enterprise customer account when the remote
user dials in. As a Dial VPN network administrator, you must provide the user
domain and tunnel addressing information to the TMS database for each
enterprise customer. Chapter 5 describes the commands you can use to provision
the default TMS database.

Customer/Home/Internet Service Provider Network

The Dial VPN network interacts with the customer premise equipment (CPE) and
the RADIUS authentication server on the customer's destination network.

Note: Dial VPN supports standard ACP logging. A destination network can
provide and maintain its own accounting server, independent of Dial VPN.

Customer Premise Equipment (CPE)

The CPE is a frame relay router that connects to the Dial VPN network by means
of frame relay PVCs. The CPE routes traffic from the remote nodes to hosts on the
home network and from the home network hosts back to remote nodes.

BayStream Multiservice Software Version 7.2
115623B Rev. 00
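
The domain-keyed TMS query described under Tunnel Management Server, modeled here as an added Python example; it is not code from the manual or from Bay Networks software. The record fields, domains and addresses are hypothetical and constructed for illustration, and the lookup denies by default when the dialed name is malformed, the domain is unknown, or the account's policy or state rules out a new tunnel.

```python
import re

# Constructed sample TMS database keyed by user domain name. Field names are
# hypothetical; the page does not show the real TMS record layout.
TMS_DB = {
    "corp.example": {"tunnel_endpoint": "192.0.2.10", "enabled": True,
                     "max_users": 2, "active_users": 1},
    "lab.example": {"tunnel_endpoint": "192.0.2.20", "enabled": False,
                    "max_users": 5, "active_users": 0},
}

_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_DOMAIN_RE = re.compile(rf"{_LABEL}(?:\.{_LABEL})*")


def split_user(dialed_name):
    """Return (user, domain), or None unless the name is exactly user@domain."""
    user, sep, domain = dialed_name.partition("@")
    domain = domain.lower()  # domain names compare case-insensitively
    if not user or not sep or not _DOMAIN_RE.fullmatch(domain):
        return None
    return user, domain


def select_tunnel(dialed_name, db=TMS_DB):
    """Return (decision, tunnel_endpoint); every failure path builds no tunnel.

    The user is not authenticated here: per the text, that happens at the
    customer's network once the tunnel is open.
    """
    parsed = split_user(dialed_name)
    if parsed is None:
        return "deny:malformed-name", None
    entry = db.get(parsed[1])
    if entry is None:
        return "deny:unknown-domain", None
    if not entry["enabled"]:                          # policy
        return "deny:account-disabled", None
    if entry["active_users"] >= entry["max_users"]:   # state checked against policy
        return "deny:user-limit", None
    entry["active_users"] += 1                        # record the new session
    return "grant", entry["tunnel_endpoint"]


if __name__ == "__main__":
    for name in ("alice@corp.example", "bob@CORP.example", "eve@lab.example",
                 "mallory@corp.example@x"):
        print(name, "->", select_tunnel(name))
```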
