L2Tp Features - HP MSR Router Series Wan Access Configuration Manual

Hide thumbs Also See for MSR Router Series:

Configuration manual (889 pages)

Command reference manual (684 pages)

Configuration manual (22 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

Table of Contents

The LNS assigns a private IP address to the LAC instead of to the remote system.

•

As shown in

establishing a NAS-initiated tunnel. (Details not shown.)

Figure 30 Establishment process for LAC-auto-initiated tunnels

L2TP features

Flexible identity authentication mechanism and high security—L2TP by itself does not provide

•

security for connections. However, it has all the security features of PPP and allows for PPP

authentication (CHAP or PAP). L2TP can also cooperate with IPsec to improve security for tunneled

data.

•

Multiprotocol transmission—L2TP tunnels PPP frames, which can be used to encapsulate packets of

multiple network layer protocols.

RADIUS authentication—An LAC or LNS can send the username and password of a remote user to

•

a RADIUS server for authentication.

Private address allocation—An LNS can dynamically allocate private addresses to remote users.

•

This facilitates address allocation for private Internets (RFC 1918) and improves security.

Flexible accounting—Accounting can be simultaneously performed on the LAC and LNS. This

•

allows bills to be generated on the ISP side and charging and auditing to be processed on the

enterprise gateway. L2TP can provide accounting data, including inbound and outbound traffic

statistics (in packets and bytes) and the connection's start time and end time. The AAA server uses

these data for flexible accounting.

Reliability—L2TP supports LNS backup. When the connection to the primary LNS is torn down, an

•

LAC can establish a new connection to a secondary LNS. This redundancy enhances the reliability

of L2TP services.

•

Issuing tunnel attributes by RADIUS server to LAC—In NAS-initiated mode, the tunnel attributes can

be issued by the RADIUS server to the LAC. For the LAC to receive these attributes, enable L2TP and

configure remote AAA authentication for PPP users on the LAC.

When an L2TP user dials in to the LAC, the LAC as the RADIUS client sends the user information to

the RADIUS server. The RADIUS server authenticates the PPP user, returns the result to the LAC, and

issues L2TP tunnel attributes for the PPP user to the LAC. The LAC then sets up an L2TP tunnel and

sessions based on the issued L2TP tunnel attributes.

Figure

30, the workflow for establishing an LAC-auto-initiated tunnel is similar to that for

Table of Contents

Show Quick Links

Quick Links:
Configuring Ppp and Mp

Hide quick links:

Table of Contents

L2Tp Features - HP MSR Router Series Wan Access Configuration Manual

L2TP features

Hide quick links:

Troubleshooting

Related Manuals for HP MSR Router Series

Related Content for HP MSR Router Series

Table of Contents