Table of Contents
Advertisement
Figure 80 LAC-auto-initiated tunneling mode
Remote system
Host A
An LAC-auto-initiated tunnel has the following characteristics:
•
The connection between a remote system and the LAC is not confined to a dial-up connection
and can be any IP-based connection.
•
An L2TP session is established immediately after an L2TP tunnel is established. Then, the LAC
and LNS, acting as the PPPoE client and PPPoE server, respectively, perform PPP negotiation.
•
An L2TP tunnel can carry only one L2TP session.
•
The LNS assigns a private IP address to the LAC instead of to the remote system.
As shown in
establishing a NAS-initiated tunnel. (Details not shown.)
Figure 81 Establishment process for LAC-auto-initiated tunnels
L2TP features
•
Flexible identity authentication mechanism and high security—L2TP by itself does not
provide security for connections. However, it has all the security features of PPP and allows for
PPP authentication (CHAP or PAP). L2TP can also cooperate with IPsec to improve security for
tunneled data.
•
Multiprotocol transmission—L2TP tunnels PPP frames, which can be used to encapsulate
packets of multiple network layer protocols.
•
RADIUS authentication—An LAC or LNS can send the username and password of a remote
user to a RADIUS server for authentication.
LAN
Figure
81, the workflow for establishing an LAC-auto-initiated tunnel is similar to that for
LAC auto initiated
L2TP tunnel
Internet
LAC
Device A
254
Private
network
LNS
Device B
RADIUS server
Advertisement
Table of Contents
Troubleshooting
