Nortel Networks L2TP Bedienungsanleitung

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

Zur Seite of

Richtige Gebrauchsanleitung

Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Nortel Networks L2TP an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Nortel Networks L2TP, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.

Was ist eine Gebrauchsanleitung?

Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Nortel Networks L2TP die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.

Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Nortel Networks L2TP. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.

Was sollte also eine ideale Gebrauchsanleitung beinhalten?

Die Gebrauchsanleitung Nortel Networks L2TP sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Nortel Networks L2TP
- Den Namen des Produzenten und das Produktionsjahr des Geräts Nortel Networks L2TP
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Nortel Networks L2TP
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen

Warum lesen wir keine Gebrauchsanleitungen?

Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Nortel Networks L2TP zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Nortel Networks L2TP und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Nortel Networks finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Nortel Networks L2TP zu überspringen, wie es bei der Papierform passiert.

Warum sollte man Gebrauchsanleitungen lesen?

In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Nortel Networks L2TP, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.

Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Nortel Networks L2TP widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.

Inhaltsverzeichnis der Gebrauchsanleitungen

  • Seite 1

    Part No. 303532-A Rev 00 Oc tob er 1998 BayRS V ersi on 13.0 0 Site Manager Soft ware Version 7. 00 Configurin g L2TP Se rvices[...]

  • Seite 2

    ii 303532-A Rev 00 4401 Great America P arkw ay 8 F ed eral Stree t Santa Cl ar a, CA 95054 Bil lerica , MA 01821 Copyr ight © 1998 Bay N et w orks, Inc. All rights rese rved . Pr inted in the USA. October 1998. The inf orma tion i n thi s do cumen t is subje ct t o cha nge with out not ice . The st at ement s, con f i gurat ion s, tec hni ca l da[...]

  • Seite 3

    303532- A Re v 00 iii Ba y Netw orks, Inc . Software Li cense Agreement NO TICE: Ple as e caref ul ly r ead this li ce nse agr eement befo re c opy ing or us in g the a cco mpanyi ng s oft ware or in st al li ng the har dware unit with pr e- enabled s oftwa re (e ach of w h ic h is ref er red to as “Sof tw are” i n t hi s Ag ree ment). BY COPYI[...]

  • Seite 4

    iv 303532 - A Re v 00 its o wn data and in fo rmatio n and for mai nt aining ad equate p ro ced ure s apa r t fr om the So ft wa re t o re construc t lost or alte red f iles, data , or p rogra ms. 4. Li mit ation o f li abil ity . IN NO EVENT WI LL BA Y NET WORKS OR ITS LICENSORS BE LI ABLE FOR ANY COST OF S UBSTI TUTE P ROCUREMENT ; S PECIAL, INDI[...]

  • Seite 5

    303532- A Re v 00 v Contents Preface Bef ore Y ou Begi n ... .. ..... ..... .... ... ..... .... ..... ....... ..... ..... .... ..... .. ..... ..... ..... .... ..... .. ..... ..... ..... .... x iii T ext Co n v entio n s ... ....... ..... .. ..... .. ... .. ..... .. .. ... .... ... .. ... .... ... ....... ..... .. ..... .. .. ... .... ... .. ... ...[...]

  • Seite 6

    vi 303532 - A Re v 00 L2TP I P Int erf ace Add resses .. .... ..... ..... .. ..... ..... .... ..... ..... .. ..... ..... .... ..... ..... .. ..... ..... . 1-15 Remot e Ro uter Co nfig urat i on ... ..... .... ..... ..... ..... .. ..... .... ..... ....... ..... ..... .... ..... ... .... .... 1 -16 Whe re to G o Ne xt .. .. ..... .. ..... ..... .....[...]

  • Seite 7

    303532- A Re v 00 vi i Appendi x B Co nfi gur a t io n Ex a mpl e s Exa mple 1: Remo te PC C alling t he Cor porat e Ne twork ....... ....... ....... . .... . ...... ....... . .... . .. B -1 Confi gurin g t he Remo te Host s .. ..... .... ..... .. ..... ..... ..... .... ..... ... .... ..... ..... .... ..... ... .... ..... B-2 Configur ing the LA Cs[...]

  • Seite 8

    [...]

  • Seite 9

    303532- A Re v 00 ix Figures Fi gure 1-1. L2TP Netwo rk Usin g a LA C .... ..... ..... .... ..... ..... .. ..... ..... .... ....... ..... ..... ..... ... 1-7 Fi gure 1-2. L2TP Netwo rk Usin g a RA S .. .... ... ..... .... ..... ..... ..... .. ..... .... ..... .. ... ..... .. ..... ... 1-7 Fi gure 1-3. P a ck et Encap sul atio n Proce ss ..... .....[...]

  • Seite 10

    [...]

  • Seite 11

    303532- A Re v 00 xi T a bles T able C-1. Comm on L2T P Network Problems and Solutions ............... ................... C-1[...]

  • Seite 12

    [...]

  • Seite 13

    303532- A Re v 00 xiii Preface This guide describes La yer 2 T unneling Proto col (L2TP) and what you do to st art and customi ze L2TP services on a Bay Networks ® r outer . Bef or e Y ou Begin Before using this guide, you must complete the follo wing procedur e s. For a ne w rout er: • Insta ll the rout er (re fer t o the inst all at ion guide [...]

  • Seite 14

    Configuring L2 TP Services xiv 3 03532 -A Re v 00 T ext Con v e n t ions This g uide uses the follo wing t ext con venti ons: bold t e xt Indica tes text tha t you need to enter and command names and options. Example: Enter s how ip { al ert s | route s } Example: Use t he dinfo c omman d. italic te xt Indica tes f ile and direc tory n ames, ne w t[...]

  • Seite 15

    Prefac e 303532- A Re v 0 0 xv Acr on yms CHAP Challe nge Ha ndshak e Authent icati on Protoc ol IP Int ernet Protocol ISDN Int egr a ted Services Digital Ne twork ISP Int ernet Servic e Provid er L2TP Layer 2 T unneli ng Pr otocol LA C L2TP acces s c oncentr ator LAN loc al area networ k LCP Link Cont rol Protocol LNS L2TP networ k serve r MPPP Mu[...]

  • Seite 16

    Configuring L2 TP Services xvi 3 03532-A Rev 00 Ba y Netw or ks T e c hnical Publ i catio ns Y ou can now pr int Bay Networks te chnical manua ls and relea se notes free, direc tly from the Interne t. Go to support. baynetworks. com/libr ary/ tpubs/ . Find the Bay Networks product f or which you need documentation . Then locate t he specif ic categ[...]

  • Seite 17

    303532- A Re v 00 1-1 Chapter 1 L2TP O verview The Layer 2 T unneling Protocol ( L2TP) provi des remote use rs , suc h as telec ommuters, mobi le professionals , an d personne l in remote branch of fic es, with d ia l-in a ccess to a corpor ate network. L2TP enables user s to create a virt ual pri vat e net work ( VP N), whic h us es the exi stin g[...]

  • Seite 18

    Configuring L2 TP Services 1-2 303532 - A Re v 00 L2TP Bene fi ts L2TP has se ve ral adv anta ges : • Use r s and busi nesses can tak e adva ntage of exist ing networ k eq uipment and resou rces . Corpor ations do not need to maintain a nd manage remote access se rv er s and other spe cial netw orking equipment f or remote users. Ins tead, the y [...]

  • Seite 19

    L2TP Overview 303532- A Re v 0 0 1-3 Multip le users can communicate t hrough a single tunnel betwee n th e same LA C and LNS pa ir . Eac h user trans mits and r ecei v es data in a n indi vidual L2TP sessi on. The LA C brings do wn the tu nnel for any one of the follo wing reasons: • A ne twor k fa ilur e occurs. • The LA C or othe r e quipmen[...]

  • Seite 20

    Configuring L2 TP Services 1-4 303532 - A Re v 00 Components of an L2TP Netw ork The follo win g section s desc ribe t he component s of a n L2TP ne twor k. F or illust r ati ons of L2TP netw or ks, see Figure s 1-1 and 1-2 on pa g e 1-7 . Remote Host At the remote si te is the user who wants to dial in to the c orporat e network. The remote use r [...]

  • Seite 21

    L2TP Overview 303532- A Re v 0 0 1-5 L2TP Access Concentrator (LAC) The L2TP access conce ntrator (LA C) resi des at the ISP networ k. The LA C establi shes the L2TP t unnel b etween i tself a nd the LN S. When the remote user pla ces a call to the ISP networ k, this call goes to the LA C . The LA C then ne gotiates the acti v ation of an L2TP tunn[...]

  • Seite 22

    Configuring L2 TP Services 1-6 303532 - A Re v 00 L2TP Netw ork Server (LNS) The L2TP network se rver (LNS) is a router that reside s at the corporate net wor k and serv es as the termina tion point for L2TP tunn els and sessions . The LNS authenti cate s the PPP connect ion request and allo ws the end-to-e nd PPP tunne led connection. The LNS m a [...]

  • Seite 23

    L2TP Overview 303532- A Re v 0 0 1-7 Examples of L2TP Networks Figure 1- 1 shows an L2 TP net work that uses a LA C t o connect t o t he LNS. The tunne l i s betwee n the LA C a nd the LNS. Figu re 1 -1. L2T P Network Usi ng a LA C Figure 1- 2 shows a n L2TP network that use s a RAS to conne ct to the LNS. The tunne l i s betwee n the PC (t he L2TP[...]

  • Seite 24

    Configuring L2 TP Services 1-8 303532 - A Re v 00 L2TP P ac ket Encapsul ation The PC or route r at t he r emote s ite s ends PPP pa cke ts to the LAC. The LA C encaps ulates thes e incoming pack ets in an L2TP packet and sends it acr oss a n IP netw ork t hrough a bidir ectiona l tunne l. Af ter t he LNS r ecei ve s the packe ts, i t decaps ulates[...]

  • Seite 25

    L2TP Overview 303532- A Re v 0 0 1-9 Making a Connection Ac r os s an L2TP Netw ork The follo wing steps expla in how a remote user connects across an L2 TP network that inclu des a B ay Ne tworks LA C, TMS, and LNS (se e Fi gure 1-1 on page 1-7 ): 1. The remote user di a l s a LAC at the loc al ISP network to est ablish a PPP connec tion to the co[...]

  • Seite 26

    Configuring L2 TP Services 1-10 303532 - A Re v 00 Security in a n L2TP Network Y ou can conf igure tw o layer s of security in an L2TP netw ork: • T unnel authenti c ation T unnel a uthenti cation i s t he proc ess of negotia ting the est ablishment of a tunne l betwe en t he LA C an d the LNS. • Use r auth e nticati on The networ k administr [...]

  • Seite 27

    L2TP Overview 303532- A Re v 0 0 1-11 Ba y Netw orks L2TP Implementation In an L2TP netw or k , the Bay Networ ks router is the LNS. LNS soft ware ope r ates on the BLN ® , BCN ® , and ASN ™ platforms. The Bay Networ ks LNS ha s the follo wing char acteristi c s: • Ea ch slot ca n act as an LNS , which means th at one route r can ha ve many L[...]

  • Seite 28

    Configuring L2 TP Services 1-12 303532 - A Re v 00 T unnel Man a gement The Bay Netw orks t unnel m anagement se rv er (TMS), which resi des at the I SP netw ork, stores the TMS dat abase. This database c ontains th e remote users’ domain name, the IP addr ess information of each LNS, and other tunnel addre ssing informati on t hat t he networ k [...]

  • Seite 29

    L2TP Overview 303532- A Re v 0 0 1-13 Y ou c an enab le tun nel authe nti cation on th e Bay Networks LNS . If tunne l authenti c ati on is disable d, whi ch is the de f ault, the LNS sends a d efault c hallen ge response to the LA C during the aut hen tic ation process so that the tunne l can be establi shed. The LNS cannot send outgoin g ca lls, [...]

  • Seite 30

    Configuring L2 TP Services 1-14 303532 - A Re v 00 After tunnel authent ication is comple te, it does not need to be rep eate d f or other calls to the same LA C. RADIUS User Authentication RADIUS user authe ntication is e nabled b y def ault on the Bay Ne tw orks LNS; you must conf igure this fe atur e s o tha t the LNS ca n v alida te the r emote[...]

  • Seite 31

    L2TP Overview 303532- A Re v 0 0 1-15 RADIUS Accounting The RADIUS se rver can pr ovide acc ounting se rvic es i n addit ion to its authenti c ation s e rvices. RADIUS ac counting is enabled by def ault o n the Bay Netw orks LNS. The RADIUS accounti ng serve r calculates bil ling charges for an L2TP sess ion betwee n th e remo te user and the LNS .[...]

  • Seite 32

    Configuring L2 TP Services 1-16 303532 - A Re v 00 Remote Router Configuration If the hos t at the remote site is a Bay Networ ks route r , you m ay need to c onf igure a dial -on-d emand circuit f o r the re mote rou ter’ s dial- up interfac e to the L A C at the ISP networ k. Enable RIP on both the dia l- on- demand c ir cuit and the att ached [...]

  • Seite 33

    L2TP Overview 303532- A Re v 0 0 1-17 Where to Go Ne x t Go to one of the follo wing chapters for more infor mation: If y ou want to Go to Start L2TP on a router usin g def a ult par amet er sett ing s. Chapter 2 Change de fault set tings f or L2TP para m eters . Chapter 3 Obtain i nf or mat ion about Site Manager param ete rs (thi s is the same in[...]

  • Seite 34

    [...]

  • Seite 35

    303532- A Re v 00 2-1 Chapter 2 Starting L2TP The quicke st way to sta r t L2TP is to enabl e it with the defaul t configu r ati on that Bay Ne tworks softw are s uppli es. This con fi guration u ses a ll a va ilable p arameter defa ult s. Y ou need to supply v alue s for se v eral par ameters that do not ha ve def ault val ue s. This c hapte r in [...]

  • Seite 36

    Configuring L2 TP Services 2-2 303532 - A Re v 00 Plannin g Considerations for an L2TP Network This guide primarily e xplains how to confi gure a Bay Networ ks BLN, BCN, or ASN route r a s a n LNS i n an L2TP networ k. T o suc cessful ly opera te i n an L2TP netw ork, obtain the fol lo win g informat ion to conf igure the LNS. T unnel Authenticatio[...]

  • Seite 37

    Starting L2 TP 303532- A Re v 0 0 2-3 Preparing a Configurat ion File Before starti ng L2TP , yo u must c reat e and save a co n figurat ion file with a t least one W AN i nte rface , for exam ple , a synchronous or MCT1 port. Fo r informatio n about the Site Manager conf igur ation tool and ho w t o wor k with conf iguration f iles, see C onf igur[...]

  • Seite 38

    Configuring L2 TP Services 2-4 303532 - A Re v 00 Enabling L2TP on an Unconfig ured W AN Interface T o enable L2TP on an unc onf igured W AN int erfac e, comp l ete the f ollo wing t a s ks: Site Manager Procedu r e Y ou do this System respo nds 1. In the Conf igu ration M anage r win dow , choose a W AN c onnector . The Add Ci rcui t win dow ope n[...]

  • Seite 39

    Starting L2 TP 303532- A Re v 0 0 2-5 Enabling L2TP on an Existing P PP Interface T o enable L2TP on an inte rface with PPP and IP already e nabled, compl ete the foll o wing ta sks: 11. Clic k on OK . 12. Clic k on Done . Y ou r et ur n to t he Conf igur atio n Man ager windo w . Site Manager Procedu r e Y ou do this System respo nds 1. In the Con[...]

  • Seite 40

    Configuring L2 TP Services 2-6 303532 - A Re v 00 9. Set the f o l l ow ing parame ter s: • L2TP IP Interfa ce Addre ss • Subnet Mas k Clic k on Hel p or see th e par amete r descript i ons beginn ing on pag e A-11 . Site Manager displ ay s a mes sage alerting y ou of th e time dela y t o cr eate the L2TP tu nnel cir cui ts. 10. Clic k on OK . [...]

  • Seite 41

    Starting L2 TP 303532- A Re v 0 0 2-7 Ena b ling L2 TP on an Exis ti ng Frame Rel ay I nter face T o enable L2TP on a n inte rface with fram e relay and IP al ready enabled , compl ete the follo wing tasks: Site Manager Procedu r e Y ou do this System respo nds 1. In the Conf igu ration M anage r win dow , choose a W AN c onnector . The Edit Connec[...]

  • Seite 42

    Configuring L2 TP Services 2-8 303532 - A Re v 00 11. Clic k on OK . Y ou retu r n to th e L2 TP IP In ter f ace Li st windo w , which displa ys the IP i nter fac e addres s and the s ubnet mas k. A mess age windo w opens that rea ds, L2TP Conf ig urati on i s co mple ted . 12. Clic k on OK . 13. Clic k on Done . Y ou r etu r n t o t he F ra me R e[...]

  • Seite 43

    Starting L2 TP 303532- A Re v 0 0 2-9 Enabl ing L2TP on an E xisting A TM Interface T o enable L2TP on an int erface w i th A T M and IP alrea dy enabl ed, you can enable L2TP in tw o ways. If your interf ace uses a COM connector , c omplete the ta sks in the follo wing table. If your inte rface us e s an A TM connector , go to page 2 -10 . Site Ma[...]

  • Seite 44

    Configuring L2 TP Services 2-10 303532 - A Re v 00 If y our A TM inte rface us es an A TM conn ecto r , co mple te th e followi n g t asks: 12. Clic k on Done . Y ou r eturn t o the Circ uit D efi niti on windo w . 13. Choose File . The Fil e menu open s. 14. Choose Exit . Y ou r et ur n to t he Conf igur atio n Man ager windo w . Site Manager Proc[...]

  • Seite 45

    303532- A Re v 00 3-1 Chapter 3 Customiz ing L 2TP Services When y ou ena ble L2 TP , defa ult v alues a re in ef fe ct for most parameter s (se e parame ter descrip tions in Appendix A , “ L2TP Para meters ”). Y o u m ay wa nt to change some of t hese v alue s, de pending on the requir ements of y our ne twork . This c hapte r in cludes th e f[...]

  • Seite 46

    Configuring L2 TP Services 3-2 303532 - A Re v 00 Modifying the L 2TP Pr otocol Configuration T o modify how da ta is transmitte d across an L2TP networ k, suc h as the number , freq uency , a nd timi ng of data a nd acknowl edgment pack ets e xchanged between the LNS and LA C, you can modify the L2TP protoc ol pa rameters. T o modify the L2TP prot[...]

  • Seite 47

    Custom izing L2TP Services 303532- A Re v 0 0 3-3 Modifying RA DIUS Ser v er Information If you change the add ress of the RADIUS ser ver tha t you are usin g to authen ticate remote users and manage accounti ng functi ons, you mu st upda te the server addre ss information on the LNS. Fo r more information ab out using a RADIUS s erv er in an L2TP [...]

  • Seite 48

    Configuring L2 TP Services 3-4 303532 - A Re v 00 Changing th e LNS Sy stem Name The LNS syste m name i s t he name o f the router . This name i s u sed during tun nel setup to ident ify th e LNS uniq ue ly . By def ault , Si te Manage r e nters th e syst em name that you initial ly conf igured when fi rst a ccessi ng the router . Se e Conf iguring[...]

  • Seite 49

    Custom izing L2TP Services 303532- A Re v 0 0 3-5 Modifying the Number of L2TP Se ssions P erm i tte d Y ou ca n m od ify th e ma xi mum nu m ber of ac tive L2TP sess ions tha t the LNS ca n manage. The de fault is 100 se ssi ons. Fo r more information ab out L2TP sessions, se e “ L2TP Sessions ” o n page 1-3 . T o change the maximum number of [...]

  • Seite 50

    Configuring L2 TP Services 3-6 303532 - A Re v 00 K ee ping the Rem ote User ’ s Dom ain Name The LNS remov es the domain name from the complete use r name b y default, befor e passing it on to the RADIUS serve r for user authen tic ation. T o ke ep th e domain name wi th the user n ame, comple te th e follo wing t asks: Site Manager Procedu r e [...]

  • Seite 51

    Custom izing L2TP Services 303532- A Re v 0 0 3-7 Changing the Domain Name De limiter In the complet e user name there is a single -cha racter delimiter tha t separ ates the user na me from t he domain na m e. By defaul t, the LNS remov es the do m ain na me when it rece iv e s a ca ll. The delimi te r tells the LNS which ch arac ters to rem o v e.[...]

  • Seite 52

    Configuring L2 TP Services 3-8 303532 - A Re v 00 En abli ng T un nel A uth ent ica tio n T o prev ent unauthorize d users from accessi ng t he cor porate networ k, you can enable t unnel auth entic ation. Dur ing tunnel ne gotiati on, the LA C s e nds it s tunne l authenti c ation p a ssword to t he LNS. If the pass word is not recognize d by the [...]

  • Seite 53

    Custom izing L2TP Services 303532- A Re v 0 0 3-9 Modifying L2TP IP Interface Ad d resses The L2TP I P Int e rface List windo w lists the L2TP IP interf a ce addresses f or each slot tha t has L2TP c onf igure d. The LNS uses the address es interna lly to ide ntify the remote si tes. Fo r more information ab out the L2TP I P interf ace, see “ L2T[...]

  • Seite 54

    Configuring L2 TP Services 3-10 303532 - A Re v 00 Disab ling RIP RIP is enabled on the LNS b y de f a ul t so that the LNS can learn routes f rom the remote dial-in router . I f the LNS does n ot re quire R IP support, y ou can disa ble i t. T o disa ble R IP , com plete th e follo wi ng tas ks: Disabling L2TP T o disable L2TP on a slot, comple te[...]

  • Seite 55

    Custom izing L2TP Services 303532- A Re v 0 0 3-11 Deleting L2 TP fr om a P P P Inte rfa ce T o delete L2TP from a PPP inte rface , comp lete t he f ollo w i ng ta s ks: 6. Set t he Enable L2TP par amet er to Disabl e . Clic k on Help or see the paramet er des cri pti on on page A- 3 . Site Mana ger di sabl es L2TP f or t he sl ot. 7. Clic k on Don[...]

  • Seite 56

    Configuring L2 TP Services 3-12 303532 - A Re v 00 Deleting L2 TP fr om a Fr a me Rela y Interface T o delete L2TP from a frame relay int erface, comp l ete t he fo l lowing tasks: Site Manager Procedu r e Y ou do this System respo nds 1. In the Conf igu ration M anage r win dow , clic k on a W AN connect or co nf igured with L2TP . The Edi t Con n[...]

  • Seite 57

    Custom izing L2TP Services 303532- A Re v 0 0 3-13 Deleting L2TP fr om an A TM Interface T o delete L2TP from an A TM inte rface on a CO M c onnector , complete the foll o wing ta sks: T o delete L2TP from an A TM inte rface on a n A T M c onnector , comple te the foll o wing ta sks: Site Manager Procedu r e Y ou do this System respo nds 1. In the [...]

  • Seite 58

    Configuring L2 TP Services 3-14 303532 - A Re v 00 6. Clic k on OK . Y ou re tu r n to th e A TM S e r v ic e Rec o rds List window . 7. Clic k on Done . Y ou re tu r n to th e Ed it A T M C o nn e c to r windo w . 8. Clic k on Done . Y ou r eturn t o the Confi gurat ion M anager windo w . Site Manager Procedur e (con tinu ed) Y ou do this System r[...]

  • Seite 59

    303532- A Re v 00 A-1 Appendix A L2TP P arameter s This appendix contains the Site Manage r parameter descr iptions fo r L2TP servic es. Y ou c an displ a y the same information using Si te Manager online Help. Fo r inf ormatio n about the IP para meters t ha t you set when ena bling L2TP , see Conf igu ring I P Servic es . This a ppendix conta ins[...]

  • Seite 60

    Configuring L2 TP Services A- 2 303532 - A Re v 00 The T ech nicia n Interfa ce al l o ws you t o modify para meter s by issu ing set and commit commands with the MIB object ID. This proce ss is eq uiva len t t o modifying pa rameters using Site Manager . For more infor mation about using the T ec hnic ian Inte rface t o acces s the MIB, see Using [...]

  • Seite 61

    L2TP P arame ters 303532- A Re v 0 0 A-3 Parame ter : Ena ble L2TP Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: Enable Options: Enable | Disabl e Function: Enables or disables L2TP on this i nterface. Instruc ti ons: S i te Manager automatica lly sets thi s paramete r to Enab le when you sel[...]

  • Seite 62

    Configuring L2 TP Services A- 4 303532 - A Re v 00 Parame ter : Re tra n sm it Time r (s econ ds) Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: 1 Options: 1 to 60 se conds Function: I n dicates the number of seconds that the LNS wait s for an ackno wledgment from the LA C before r esending pa[...]

  • Seite 63

    L2TP P arame ters 303532- A Re v 0 0 A-5 Par ameter: Ack T imeout (millisec onds) Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: 250 Options: 1 to 350 m illi seconds Function: S pec if ies the maximum number of millis econds that can ela pse before the LNS sends an ackno wle dgment to the LA C[...]

  • Seite 64

    Configuring L2 TP Services A- 6 303532 - A Re v 00 Par ameter: RADIUS Primary Server Pa ssword Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: None Options: Any alphanum eric string, up to a maximum of 64 c haracte rs Function: S pec if ies the primary RADIUS serv er’ s pa s sword. Instruc ti[...]

  • Seite 65

    L2TP P arame ters 303532- A Re v 0 0 A-7 Par ameter: Remove Domain Name Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: Enable Options: Ena ble | Disa ble Function: I n structs t he route r whether to re mov e the dom ain name f rom t he complete use r name before RADIUS authentic ation takes p[...]

  • Seite 66

    Configuring L2 TP Services A- 8 303532 - A Re v 00 L2TP T unnel Securi ty P a ra m eters The L2TP T unnel Security List windo w (Figur e A-2) contains th e tunnel authenti c ation p a rameters . Figu re A- 2. L2T P T un nel Sec urity Lis t Wind ow The paramete r desc riptio ns fol low .[...]

  • Seite 67

    L2TP P arame ters 303532- A Re v 0 0 A-9 Parame ter : Ena ble T u nnel Authe nticatio n Path: Configu r ation M anager > P rotoco ls > I P > L2TP > T unnel Authe nticatio n Defaul t: Disable Options: Enable | Disabl e Function: Enables or disables the use of t unnel a ut he nt ication fo r a sl ot on the LNS. T unnel authentica tion pro[...]

  • Seite 68

    Configuring L2 TP Services A- 10 303532 -A Rev 00 L2TP IP Int erface P a ramete r s The L2TP IP Interf a ce List wi ndow (Figur e A-3) c on t a i ns t he list of IP i nterface s for e ach sl ot on t he route r conf igured wi th L2 TP . Figure A-3. L2TP IP Interface List Window When you cli c k on Change, Site Manager d isplays t he L2TP IP In te rf[...]

  • Seite 69

    L2TP P arame ters 303532- A Re v 0 0 A-11 The paramete r desc riptio ns fol low . Parame ter : L2 TP IP Inte rface Ad dress Pa th: Configu r ation M anager > Prot oc ols > IP > L2TP > L2TP IP Int erfa ce Defaul t: None Options: Any unique IP address Function: S pec if ies the IP address that identi f ies the L2TP IP int erfac e for the [...]

  • Seite 70

    Configuring L2 TP Services A- 12 303532 -A Rev 00 Par ameter: RIP Enable Pa th: Configu r ati on Manager > Pr otoco ls > I P > L2TP > L2TP I P I nt erface Defaul t: Enable Options: Enable | Disable Function: S pec if ies whether RIP List en is enabled on this inte rface . See Configu ring IP Services f or m or e informat ion about RIP .[...]

  • Seite 71

    303532- A Re v 00 B-1 Appendix B Conf iguration Exa mples This a ppendix prov ide s two e xamples of L2TP ne twork conf igurati ons. It i nclude s only t hose p aram eters that re quire cha nges fr om th eir d efa ult setti ngs for prope r conf iguration. F or instruc tions on modifying pa rameters, se e Cha pt e r 3, “Customi zing L2 TP Ser vice[...]

  • Seite 72

    Configuring L2 TP Services B- 2 303532 - A Re v 00 Figure B-1. L 2TP Netwo rk with PCs at the Remote Site Configuring the Remote Hosts The remote host s i n this ne twork are two PCs run ning Wi ndows 95. Neither PC has inter nal L2TP capabil ities. In this netw ork, one PC has a s ynchron ous dia l connec tion to the ISP via a modem. The othe r PC[...]

  • Seite 73

    Configuration Examp les 303532- A Re v 0 0 B-3 Configuring the LACs and the TMS The LA Cs in this ne two rk are Model 5399 Remote Access Conce ntr ators. Bo th de vi ces ha v e L2 TP modules insta lle d. S ee Model 5399 Remote Acce ss Concent rator documenta tio n for inf ormat ion about conf iguri ng L2TP . The LA Cs use the same TMS, which you co[...]

  • Seite 74

    Configuring L2 TP Services B- 4 303532 - A Re v 00 6. In t he L2 TP T un neling Sec urity window , e nable tunn el aut henti cation. 7. In t he L2 TP I P In terface wind ow , e nter the L 2TP I P a ddress. During the L2TP session, the RADIUS serv e r assigns the follo wing IP addre sses: jsmar t@baynetwor ks.com: 192. 32.40.1 mmark@baynetw orks.com[...]

  • Seite 75

    Configuration Examp les 303532- A Re v 0 0 B-5 Exampl e 2: Remote Router Ca ll ing the Corpo ra te Netw o rk Figure B -2 shows a ne tw ork with two B aySta c k™ AN ® route rs at the re mote si te. The AN routers are u s ing dial -o n-d e ma nd servi ce fo r dia l- up c onnections. In this network, note the follo wing: • P PP is the W AN protoc[...]

  • Seite 76

    Configuring L2 TP Services B- 6 303532 - A Re v 00 Configuring the Dial-on-Demand C ircuit Modify t he dial-on- demand circui t conf igura tion f or t he AN r outers as f ollo ws: 1. In th e Conf i guration Manager window , choose Dialup > De mand C i rc uit s > Demand P ools > PPP Cir cuits > PPP Demand Ci rc uits t o display the PPP D[...]

  • Seite 77

    303532- A Re v 00 C-1 Appendix C T r ouble shooting T o monitor your L2TP network a nd solve proble ms that may occur , fir st check the e v ent l og f ile for a ny m essages recorde d b y the LNS. For infor mation a bout vie wi ng and reading e ven t messag es, see Event Messag e s for Routers and Conf igu ring and Manag ing Routers with Site Mana[...]

  • Seite 78

    Configuring L2 TP Services C-2 303532 - A Re v 00 L2TP sessi on is not activ e. The LNS fai l ed to negoti at e the PPP LCP options . Reconfi gure the host at t he remote si te dial ing in to the I SP . For a Bay Net work s rout er at the remote site, chec k the PPP MR U/MRR U s ize . The LNS sup por ts a n MR U/MR UU siz e of 1500 only . Use the f[...]

  • Seite 79

    303532- A Re v 00 Index-1 A acco untin g, RADI US, 1- 15 Ac k T imeout (m ill is eco nds) pa ram e ter , A-5 acro nym s , xv B Bay N etw orks LNS. See LNS C conf i gu rati on e xam p l e s, B-1 conf igurat i on f i le , re quirem ent s, 2- 3 conven tion s, t ext, xiv D d eleti ng L2 TP fr om A T M, 3-1 3 from fram e re la y , 3- 1 2 fro m PPP , 3-1[...]

  • Seite 80

    Ind ex -2 3 03532-A Re v 00 LNS ( con ti nue d) L2TP sec urity , 1- 10 mod ifyi ng pr oto col conf igurati on , 3-2 oper ating wi th LA Cs, 1- 11 LNS Syst em Name par am et er , A-5 LNS s yst em name , ch angi ng , 3- 4 M Max L2TP Sessions pa ram eter , A- 3 Maximum Retransmit parameter , A-4 P pack et enc aps ula tion , L2TP , 1-8 par ame ters cus[...]