HP MSR Router Series Wan Access Configuration Manual page 82

Hide thumbs Also See for MSR Router Series:

Configuration manual (889 pages)

Command reference manual (684 pages)

Configuration manual (248 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

Table of Contents

The LAC sends the authentication information (username and password) to its RADIUS server

(RADIUS server A) for authentication.

RADIUS server A authenticates the user and returns the result.

The LAC initiates an L2TP tunneling request to the LNS (Device B) when the following conditions

exist:

The user passes the authentication.

The user is determined to be an L2TP user according to the username or the ISP domain to which

the user belongs.

If tunnel authentication is needed, the LAC and LNS send CHAP challenge messages to

authenticate each other before successfully establishing an L2TP tunnel.

The LAC and LNS negotiate to establish L2TP sessions.

The LAC sends PPP user information and PPP negotiation parameters to the LNS.

10.

The LNS sends the authentication information to its RADIUS server (RADIUS server B) for

authentication.

11.

RADIUS server B authenticates the user and returns the result.

12.

If authentication succeeds and mandatory CHAP authentication is configured on the LNS, the LNS

authenticates the PPP user by sending a CHAP challenge. The PPP user replies with a CHAP

response.

13.

The LNS sends the authentication information to RADIUS server B for authentication.

14.

RADIUS server B authenticates the user and returns the result.

15.

If the user passes the authentication, the LNS assigns a private IP address to the remote system

(Host A).

16.

The PPP user can access internal resources of the enterprise.

In steps 12, 15, and 16, the LAC forwards packets for the remote system and LNS. Host A and LAC

exchange PPP frames, and the LAC and LNS exchange L2TP packets.

Client-initiated tunneling mode

As shown in

communicate with the LNS through the Internet. The LAC client can directly initiate a tunneling request to

the LNS without any dedicated LAC devices.

Figure 27 Client-initiated tunneling mode

A client-initiated tunnel has the following characteristics:

Figure

27, a remote system running L2TP (LAC client) has a public IP address to

Table of Contents

Show Quick Links

Quick Links:
Configuring Ppp and Mp

Hide quick links:

Table of Contents

Troubleshooting

Need help?

Do you have a question about the MSR Router Series and is the answer not in the manual?

HP MSR Router Series Wan Access Configuration Manual page 82

Hide quick links:

Troubleshooting

Need help?

Questions and answers

Related Products for HP MSR Router Series

HP MSR Router Series Wan Access Configuration Manual page 82

Hide quick links:

Troubleshooting

Need help?

Questions and answers

Related Manuals for HP MSR Router Series

Related Products for HP MSR Router Series

Table of Contents