L2TP/IPSec Tunnels; Chapter 12: Securing L2TP and IP Tunnels with IPSec - Juniper JunosE 11.0.x IP Services Configuration Manual

For E Series Broadband Services Routers - IP Services Configuration

Negotiation of NAT-Traversal in the IKE, draft-ietf-ipsec-nat-t-ike-08.txt (July 2004 expiration)
UDP Encapsulation of IPsec ESP Packets, draft-ietf-ipsec-udp-encaps-09.txt (November 2004 expiration)

NOTE: IETF drafts are valid for only 6 months from the date of issuance. They must
be considered as works in progress. Please refer to the IETF Web site at
http://www.ietf.org for the latest drafts.

For additional configuration information, see:
"Configuring IPSec" on page 125
"Configuring Digital Certificates" on page 213
"Configuring IP Tunnels" on page 245
L2TP Overview

L2TP/IPSec Tunnels

L2TP/IPSec remote access allows clients to connect to a corporate VPN over the
public Internet with a secure connection. The L2TP tunnel runs on top of an IPSec
transport mode connection. The secure tunnel runs from the client PC to the E Series
router that terminates the secure tunnel. For example, using L2TP with IPSec enables
B-RAS clients to securely connect to a corporate or other VPN in addition to using
another unsecured connection to the Internet, depending on the client software
capabilities.

On the router side of the L2TP connection, the E Series router acts as the LNS. On
the PC client side of the connection, the client acts as the LAC and runs the L2TP/IPSec
client software on supported platforms. (For a list of the supported platforms, see
"Client Software Supported" on page 291.) Both sides of the connection run IPSec in
transport mode with Encapsulating Security Payload (ESP) encryption and
authentication.

In the model shown in Figure 22 on page 290, a client PC connects to its local provider,
who gives the client a public IP address. Using the public IP address, the client PC
initiates an IPSec connection toward the L2TP/IPSec gateway for the private network
that it wants to connect to. After establishing the IPSec connection, the client
establishes an L2TP tunnel to the same L2TP/IPSec gateway, which provides the
client with another IP interface to access the private network it is connecting to. The
L2TP tunnel is completely protected by the IPSec connection established earlier.
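
The check below is an added example, not part of the Juniper manual. Because the L2TP tunnel is meant to be completely protected by the IPSec connection, a capture on the public side of the LNS should show only IKE and ESP (native, or UDP-encapsulated as in the NAT-T drafts listed above) and never readable L2TP. The port and protocol numbers (UDP 500, 4500 and 1701; IP protocol 50) are the standard assignments rather than values from this page, and the packets are constructed samples.

```python
import struct

def classify(packet: bytes) -> str:
    """Label one IPv4 packet as seen on the public side of the LNS."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not-ipv4"
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return "malformed"
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return "fragment"                 # no transport header in later fragments
    proto, body = packet[9], packet[ihl:]
    if proto == 50:
        return "esp"                      # transport-mode ESP; L2TP is hidden inside
    if proto != 17:
        return "other"
    if len(body) < 8:
        return "malformed"
    ports = set(struct.unpack("!HH", body[:4]))
    data = body[8:]
    if 1701 in ports:
        return "cleartext-l2tp"           # L2TP readable on the wire: not protected
    if 500 in ports:
        return "ike"
    if 4500 in ports:                     # NAT-T port shared by IKE and ESP
        if data == b"\xff":
            return "nat-keepalive"
        if data[:4] == b"\x00" * 4:
            return "ike-nat-t"            # non-ESP marker precedes an IKE message
        return "esp-in-udp"
    return "other"

def ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed test helper: 20-byte IPv4 header (documentation addresses)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([198, 51, 100, 7]), bytes([203, 0, 113, 1])) + payload

def udp(sport: int, dport: int, payload: bytes) -> bytes:
    """Constructed test helper: UDP header with the checksum left at zero."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload

# Constructed sample traffic, not captured from a real network.
ESP = struct.pack("!II", 0x1234ABCD, 1) + bytes(24)   # SPI, sequence, opaque data
L2TP = b"\xc8\x02\x00\x0c" + bytes(8)                  # L2TPv2 control header
SAMPLE = [ipv4(17, udp(500, 500, bytes(28))), ipv4(50, ESP),
          ipv4(17, udp(4500, 4500, ESP)), ipv4(17, udp(4500, 4500, b"\xff")),
          ipv4(17, udp(1701, 1701, L2TP))]

def unprotected(packets):
    """Indexes of packets that expose L2TP outside the IPSec connection."""
    return [i for i, p in enumerate(packets) if classify(p) == "cleartext-l2tp"]
```

Any index returned by `unprotected` marks L2TP that travelled without ESP, which in this deployment model means the IPSec transport-mode policy did not cover the session.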