Nortel Networks L2TP manuale d’uso

Part No. 303532-A Rev 00 Oc tob er 1998 BayRS V ersi on 13.0 0 Site Manager Soft ware Version 7. 00 Configurin g L2TP Se rvices[...]

ii 303532-A Rev 00 4401 Great America P arkw ay 8 F ed eral Stree t Santa Cl ar a, CA 95054 Bil lerica , MA 01821 Copyr ight © 1998 Bay N et w orks, Inc. All rights rese rved . Pr inted in the USA. October 1998. The inf orma tion i n thi s do cumen t is subje ct t o cha nge with out not ice . The st at ement s, con f i gurat ion s, tec hni ca l da[...]

303532- A Re v 00 iii Ba y Netw orks, Inc . Software Li cense Agreement NO TICE: Ple as e caref ul ly r ead this li ce nse agr eement befo re c opy ing or us in g the a cco mpanyi ng s oft ware or in st al li ng the har dware unit with pr e- enabled s oftwa re (e ach of w h ic h is ref er red to as “Sof tw are” i n t hi s Ag ree ment). BY COPYI[...]

iv 303532 - A Re v 00 its o wn data and in fo rmatio n and for mai nt aining ad equate p ro ced ure s apa r t fr om the So ft wa re t o re construc t lost or alte red f iles, data , or p rogra ms. 4. Li mit ation o f li abil ity . IN NO EVENT WI LL BA Y NET WORKS OR ITS LICENSORS BE LI ABLE FOR ANY COST OF S UBSTI TUTE P ROCUREMENT ; S PECIAL, INDI[...]

303532- A Re v 00 v Contents Preface Bef ore Y ou Begi n ... .. ..... ..... .... ... ..... .... ..... ....... ..... ..... .... ..... .. ..... ..... ..... .... ..... .. ..... ..... ..... .... x iii T ext Co n v entio n s ... ....... ..... .. ..... .. ... .. ..... .. .. ... .... ... .. ... .... ... ....... ..... .. ..... .. .. ... .... ... .. ... ...[...]

vi 303532 - A Re v 00 L2TP I P Int erf ace Add resses .. .... ..... ..... .. ..... ..... .... ..... ..... .. ..... ..... .... ..... ..... .. ..... ..... . 1-15 Remot e Ro uter Co nfig urat i on ... ..... .... ..... ..... ..... .. ..... .... ..... ....... ..... ..... .... ..... ... .... .... 1 -16 Whe re to G o Ne xt .. .. ..... .. ..... ..... .....[...]

303532- A Re v 00 vi i Appendi x B Co nfi gur a t io n Ex a mpl e s Exa mple 1: Remo te PC C alling t he Cor porat e Ne twork ....... ....... ....... . .... . ...... ....... . .... . .. B -1 Confi gurin g t he Remo te Host s .. ..... .... ..... .. ..... ..... ..... .... ..... ... .... ..... ..... .... ..... ... .... ..... B-2 Configur ing the LA Cs[...]

[...]

303532- A Re v 00 ix Figures Fi gure 1-1. L2TP Netwo rk Usin g a LA C .... ..... ..... .... ..... ..... .. ..... ..... .... ....... ..... ..... ..... ... 1-7 Fi gure 1-2. L2TP Netwo rk Usin g a RA S .. .... ... ..... .... ..... ..... ..... .. ..... .... ..... .. ... ..... .. ..... ... 1-7 Fi gure 1-3. P a ck et Encap sul atio n Proce ss ..... .....[...]

[...]

303532- A Re v 00 xi T a bles T able C-1. Comm on L2T P Network Problems and Solutions ............... ................... C-1[...]

[...]

303532- A Re v 00 xiii Preface This guide describes La yer 2 T unneling Proto col (L2TP) and what you do to st art and customi ze L2TP services on a Bay Networks ® r outer . Bef or e Y ou Begin Before using this guide, you must complete the follo wing procedur e s. For a ne w rout er: • Insta ll the rout er (re fer t o the inst all at ion guide [...]

Configuring L2 TP Services xiv 3 03532 -A Re v 00 T ext Con v e n t ions This g uide uses the follo wing t ext con venti ons: bold t e xt Indica tes text tha t you need to enter and command names and options. Example: Enter s how ip { al ert s | route s } Example: Use t he dinfo c omman d. italic te xt Indica tes f ile and direc tory n ames, ne w t[...]

Prefac e 303532- A Re v 0 0 xv Acr on yms CHAP Challe nge Ha ndshak e Authent icati on Protoc ol IP Int ernet Protocol ISDN Int egr a ted Services Digital Ne twork ISP Int ernet Servic e Provid er L2TP Layer 2 T unneli ng Pr otocol LA C L2TP acces s c oncentr ator LAN loc al area networ k LCP Link Cont rol Protocol LNS L2TP networ k serve r MPPP Mu[...]

Configuring L2 TP Services xvi 3 03532-A Rev 00 Ba y Netw or ks T e c hnical Publ i catio ns Y ou can now pr int Bay Networks te chnical manua ls and relea se notes free, direc tly from the Interne t. Go to support. baynetworks. com/libr ary/ tpubs/ . Find the Bay Networks product f or which you need documentation . Then locate t he specif ic categ[...]

303532- A Re v 00 1-1 Chapter 1 L2TP O verview The Layer 2 T unneling Protocol ( L2TP) provi des remote use rs , suc h as telec ommuters, mobi le professionals , an d personne l in remote branch of fic es, with d ia l-in a ccess to a corpor ate network. L2TP enables user s to create a virt ual pri vat e net work ( VP N), whic h us es the exi stin g[...]

Configuring L2 TP Services 1-2 303532 - A Re v 00 L2TP Bene fi ts L2TP has se ve ral adv anta ges : • Use r s and busi nesses can tak e adva ntage of exist ing networ k eq uipment and resou rces . Corpor ations do not need to maintain a nd manage remote access se rv er s and other spe cial netw orking equipment f or remote users. Ins tead, the y [...]

L2TP Overview 303532- A Re v 0 0 1-3 Multip le users can communicate t hrough a single tunnel betwee n th e same LA C and LNS pa ir . Eac h user trans mits and r ecei v es data in a n indi vidual L2TP sessi on. The LA C brings do wn the tu nnel for any one of the follo wing reasons: • A ne twor k fa ilur e occurs. • The LA C or othe r e quipmen[...]

Configuring L2 TP Services 1-4 303532 - A Re v 00 Components of an L2TP Netw ork The follo win g section s desc ribe t he component s of a n L2TP ne twor k. F or illust r ati ons of L2TP netw or ks, see Figure s 1-1 and 1-2 on pa g e 1-7 . Remote Host At the remote si te is the user who wants to dial in to the c orporat e network. The remote use r [...]

L2TP Overview 303532- A Re v 0 0 1-5 L2TP Access Concentrator (LAC) The L2TP access conce ntrator (LA C) resi des at the ISP networ k. The LA C establi shes the L2TP t unnel b etween i tself a nd the LN S. When the remote user pla ces a call to the ISP networ k, this call goes to the LA C . The LA C then ne gotiates the acti v ation of an L2TP tunn[...]

Configuring L2 TP Services 1-6 303532 - A Re v 00 L2TP Netw ork Server (LNS) The L2TP network se rver (LNS) is a router that reside s at the corporate net wor k and serv es as the termina tion point for L2TP tunn els and sessions . The LNS authenti cate s the PPP connect ion request and allo ws the end-to-e nd PPP tunne led connection. The LNS m a [...]

L2TP Overview 303532- A Re v 0 0 1-7 Examples of L2TP Networks Figure 1- 1 shows an L2 TP net work that uses a LA C t o connect t o t he LNS. The tunne l i s betwee n the LA C a nd the LNS. Figu re 1 -1. L2T P Network Usi ng a LA C Figure 1- 2 shows a n L2TP network that use s a RAS to conne ct to the LNS. The tunne l i s betwee n the PC (t he L2TP[...]

Configuring L2 TP Services 1-8 303532 - A Re v 00 L2TP P ac ket Encapsul ation The PC or route r at t he r emote s ite s ends PPP pa cke ts to the LAC. The LA C encaps ulates thes e incoming pack ets in an L2TP packet and sends it acr oss a n IP netw ork t hrough a bidir ectiona l tunne l. Af ter t he LNS r ecei ve s the packe ts, i t decaps ulates[...]

L2TP Overview 303532- A Re v 0 0 1-9 Making a Connection Ac r os s an L2TP Netw ork The follo wing steps expla in how a remote user connects across an L2 TP network that inclu des a B ay Ne tworks LA C, TMS, and LNS (se e Fi gure 1-1 on page 1-7 ): 1. The remote user di a l s a LAC at the loc al ISP network to est ablish a PPP connec tion to the co[...]

Configuring L2 TP Services 1-10 303532 - A Re v 00 Security in a n L2TP Network Y ou can conf igure tw o layer s of security in an L2TP netw ork: • T unnel authenti c ation T unnel a uthenti cation i s t he proc ess of negotia ting the est ablishment of a tunne l betwe en t he LA C an d the LNS. • Use r auth e nticati on The networ k administr [...]

L2TP Overview 303532- A Re v 0 0 1-11 Ba y Netw orks L2TP Implementation In an L2TP netw or k , the Bay Networ ks router is the LNS. LNS soft ware ope r ates on the BLN ® , BCN ® , and ASN ™ platforms. The Bay Networ ks LNS ha s the follo wing char acteristi c s: • Ea ch slot ca n act as an LNS , which means th at one route r can ha ve many L[...]

Configuring L2 TP Services 1-12 303532 - A Re v 00 T unnel Man a gement The Bay Netw orks t unnel m anagement se rv er (TMS), which resi des at the I SP netw ork, stores the TMS dat abase. This database c ontains th e remote users’ domain name, the IP addr ess information of each LNS, and other tunnel addre ssing informati on t hat t he networ k [...]

L2TP Overview 303532- A Re v 0 0 1-13 Y ou c an enab le tun nel authe nti cation on th e Bay Networks LNS . If tunne l authenti c ati on is disable d, whi ch is the de f ault, the LNS sends a d efault c hallen ge response to the LA C during the aut hen tic ation process so that the tunne l can be establi shed. The LNS cannot send outgoin g ca lls, [...]

Configuring L2 TP Services 1-14 303532 - A Re v 00 After tunnel authent ication is comple te, it does not need to be rep eate d f or other calls to the same LA C. RADIUS User Authentication RADIUS user authe ntication is e nabled b y def ault on the Bay Ne tw orks LNS; you must conf igure this fe atur e s o tha t the LNS ca n v alida te the r emote[...]

L2TP Overview 303532- A Re v 0 0 1-15 RADIUS Accounting The RADIUS se rver can pr ovide acc ounting se rvic es i n addit ion to its authenti c ation s e rvices. RADIUS ac counting is enabled by def ault o n the Bay Netw orks LNS. The RADIUS accounti ng serve r calculates bil ling charges for an L2TP sess ion betwee n th e remo te user and the LNS .[...]

Configuring L2 TP Services 1-16 303532 - A Re v 00 Remote Router Configuration If the hos t at the remote site is a Bay Networ ks route r , you m ay need to c onf igure a dial -on-d emand circuit f o r the re mote rou ter’ s dial- up interfac e to the L A C at the ISP networ k. Enable RIP on both the dia l- on- demand c ir cuit and the att ached [...]

L2TP Overview 303532- A Re v 0 0 1-17 Where to Go Ne x t Go to one of the follo wing chapters for more infor mation: If y ou want to Go to Start L2TP on a router usin g def a ult par amet er sett ing s. Chapter 2 Change de fault set tings f or L2TP para m eters . Chapter 3 Obtain i nf or mat ion about Site Manager param ete rs (thi s is the same in[...]

[...]

303532- A Re v 00 2-1 Chapter 2 Starting L2TP The quicke st way to sta r t L2TP is to enabl e it with the defaul t configu r ati on that Bay Ne tworks softw are s uppli es. This con fi guration u ses a ll a va ilable p arameter defa ult s. Y ou need to supply v alue s for se v eral par ameters that do not ha ve def ault val ue s. This c hapte r in [...]

Configuring L2 TP Services 2-2 303532 - A Re v 00 Plannin g Considerations for an L2TP Network This guide primarily e xplains how to confi gure a Bay Networ ks BLN, BCN, or ASN route r a s a n LNS i n an L2TP networ k. T o suc cessful ly opera te i n an L2TP netw ork, obtain the fol lo win g informat ion to conf igure the LNS. T unnel Authenticatio[...]

Starting L2 TP 303532- A Re v 0 0 2-3 Preparing a Configurat ion File Before starti ng L2TP , yo u must c reat e and save a co n figurat ion file with a t least one W AN i nte rface , for exam ple , a synchronous or MCT1 port. Fo r informatio n about the Site Manager conf igur ation tool and ho w t o wor k with conf iguration f iles, see C onf igur[...]

Configuring L2 TP Services 2-4 303532 - A Re v 00 Enabling L2TP on an Unconfig ured W AN Interface T o enable L2TP on an unc onf igured W AN int erfac e, comp l ete the f ollo wing t a s ks: Site Manager Procedu r e Y ou do this System respo nds 1. In the Conf igu ration M anage r win dow , choose a W AN c onnector . The Add Ci rcui t win dow ope n[...]

Starting L2 TP 303532- A Re v 0 0 2-5 Enabling L2TP on an Existing P PP Interface T o enable L2TP on an inte rface with PPP and IP already e nabled, compl ete the foll o wing ta sks: 11. Clic k on OK . 12. Clic k on Done . Y ou r et ur n to t he Conf igur atio n Man ager windo w . Site Manager Procedu r e Y ou do this System respo nds 1. In the Con[...]

Configuring L2 TP Services 2-6 303532 - A Re v 00 9. Set the f o l l ow ing parame ter s: • L2TP IP Interfa ce Addre ss • Subnet Mas k Clic k on Hel p or see th e par amete r descript i ons beginn ing on pag e A-11 . Site Manager displ ay s a mes sage alerting y ou of th e time dela y t o cr eate the L2TP tu nnel cir cui ts. 10. Clic k on OK . [...]

Starting L2 TP 303532- A Re v 0 0 2-7 Ena b ling L2 TP on an Exis ti ng Frame Rel ay I nter face T o enable L2TP on a n inte rface with fram e relay and IP al ready enabled , compl ete the follo wing tasks: Site Manager Procedu r e Y ou do this System respo nds 1. In the Conf igu ration M anage r win dow , choose a W AN c onnector . The Edit Connec[...]

Configuring L2 TP Services 2-8 303532 - A Re v 00 11. Clic k on OK . Y ou retu r n to th e L2 TP IP In ter f ace Li st windo w , which displa ys the IP i nter fac e addres s and the s ubnet mas k. A mess age windo w opens that rea ds, L2TP Conf ig urati on i s co mple ted . 12. Clic k on OK . 13. Clic k on Done . Y ou r etu r n t o t he F ra me R e[...]

Starting L2 TP 303532- A Re v 0 0 2-9 Enabl ing L2TP on an E xisting A TM Interface T o enable L2TP on an int erface w i th A T M and IP alrea dy enabl ed, you can enable L2TP in tw o ways. If your interf ace uses a COM connector , c omplete the ta sks in the follo wing table. If your inte rface us e s an A TM connector , go to page 2 -10 . Site Ma[...]

Configuring L2 TP Services 2-10 303532 - A Re v 00 If y our A TM inte rface us es an A TM conn ecto r , co mple te th e followi n g t asks: 12. Clic k on Done . Y ou r eturn t o the Circ uit D efi niti on windo w . 13. Choose File . The Fil e menu open s. 14. Choose Exit . Y ou r et ur n to t he Conf igur atio n Man ager windo w . Site Manager Proc[...]

303532- A Re v 00 3-1 Chapter 3 Customiz ing L 2TP Services When y ou ena ble L2 TP , defa ult v alues a re in ef fe ct for most parameter s (se e parame ter descrip tions in Appendix A , “ L2TP Para meters ”). Y o u m ay wa nt to change some of t hese v alue s, de pending on the requir ements of y our ne twork . This c hapte r in cludes th e f[...]

Configuring L2 TP Services 3-2 303532 - A Re v 00 Modifying the L 2TP Pr otocol Configuration T o modify how da ta is transmitte d across an L2TP networ k, suc h as the number , freq uency , a nd timi ng of data a nd acknowl edgment pack ets e xchanged between the LNS and LA C, you can modify the L2TP protoc ol pa rameters. T o modify the L2TP prot[...]

Custom izing L2TP Services 303532- A Re v 0 0 3-3 Modifying RA DIUS Ser v er Information If you change the add ress of the RADIUS ser ver tha t you are usin g to authen ticate remote users and manage accounti ng functi ons, you mu st upda te the server addre ss information on the LNS. Fo r more information ab out using a RADIUS s erv er in an L2TP [...]

Configuring L2 TP Services 3-4 303532 - A Re v 00 Changing th e LNS Sy stem Name The LNS syste m name i s t he name o f the router . This name i s u sed during tun nel setup to ident ify th e LNS uniq ue ly . By def ault , Si te Manage r e nters th e syst em name that you initial ly conf igured when fi rst a ccessi ng the router . Se e Conf iguring[...]

Custom izing L2TP Services 303532- A Re v 0 0 3-5 Modifying the Number of L2TP Se ssions P erm i tte d Y ou ca n m od ify th e ma xi mum nu m ber of ac tive L2TP sess ions tha t the LNS ca n manage. The de fault is 100 se ssi ons. Fo r more information ab out L2TP sessions, se e “ L2TP Sessions ” o n page 1-3 . T o change the maximum number of [...]

Configuring L2 TP Services 3-6 303532 - A Re v 00 K ee ping the Rem ote User ’ s Dom ain Name The LNS remov es the domain name from the complete use r name b y default, befor e passing it on to the RADIUS serve r for user authen tic ation. T o ke ep th e domain name wi th the user n ame, comple te th e follo wing t asks: Site Manager Procedu r e [...]

Custom izing L2TP Services 303532- A Re v 0 0 3-7 Changing the Domain Name De limiter In the complet e user name there is a single -cha racter delimiter tha t separ ates the user na me from t he domain na m e. By defaul t, the LNS remov es the do m ain na me when it rece iv e s a ca ll. The delimi te r tells the LNS which ch arac ters to rem o v e.[...]

Configuring L2 TP Services 3-8 303532 - A Re v 00 En abli ng T un nel A uth ent ica tio n T o prev ent unauthorize d users from accessi ng t he cor porate networ k, you can enable t unnel auth entic ation. Dur ing tunnel ne gotiati on, the LA C s e nds it s tunne l authenti c ation p a ssword to t he LNS. If the pass word is not recognize d by the [...]

Custom izing L2TP Services 303532- A Re v 0 0 3-9 Modifying L2TP IP Interface Ad d resses The L2TP I P Int e rface List windo w lists the L2TP IP interf a ce addresses f or each slot tha t has L2TP c onf igure d. The LNS uses the address es interna lly to ide ntify the remote si tes. Fo r more information ab out the L2TP I P interf ace, see “ L2T[...]

Configuring L2 TP Services 3-10 303532 - A Re v 00 Disab ling RIP RIP is enabled on the LNS b y de f a ul t so that the LNS can learn routes f rom the remote dial-in router . I f the LNS does n ot re quire R IP support, y ou can disa ble i t. T o disa ble R IP , com plete th e follo wi ng tas ks: Disabling L2TP T o disable L2TP on a slot, comple te[...]

Custom izing L2TP Services 303532- A Re v 0 0 3-11 Deleting L2 TP fr om a P P P Inte rfa ce T o delete L2TP from a PPP inte rface , comp lete t he f ollo w i ng ta s ks: 6. Set t he Enable L2TP par amet er to Disabl e . Clic k on Help or see the paramet er des cri pti on on page A- 3 . Site Mana ger di sabl es L2TP f or t he sl ot. 7. Clic k on Don[...]

Configuring L2 TP Services 3-12 303532 - A Re v 00 Deleting L2 TP fr om a Fr a me Rela y Interface T o delete L2TP from a frame relay int erface, comp l ete t he fo l lowing tasks: Site Manager Procedu r e Y ou do this System respo nds 1. In the Conf igu ration M anage r win dow , clic k on a W AN connect or co nf igured with L2TP . The Edi t Con n[...]

Custom izing L2TP Services 303532- A Re v 0 0 3-13 Deleting L2TP fr om an A TM Interface T o delete L2TP from an A TM inte rface on a CO M c onnector , complete the foll o wing ta sks: T o delete L2TP from an A TM inte rface on a n A T M c onnector , comple te the foll o wing ta sks: Site Manager Procedu r e Y ou do this System respo nds 1. In the [...]

Configuring L2 TP Services 3-14 303532 - A Re v 00 6. Clic k on OK . Y ou re tu r n to th e A TM S e r v ic e Rec o rds List window . 7. Clic k on Done . Y ou re tu r n to th e Ed it A T M C o nn e c to r windo w . 8. Clic k on Done . Y ou r eturn t o the Confi gurat ion M anager windo w . Site Manager Procedur e (con tinu ed) Y ou do this System r[...]

303532- A Re v 00 A-1 Appendix A L2TP P arameter s This appendix contains the Site Manage r parameter descr iptions fo r L2TP servic es. Y ou c an displ a y the same information using Si te Manager online Help. Fo r inf ormatio n about the IP para meters t ha t you set when ena bling L2TP , see Conf igu ring I P Servic es . This a ppendix conta ins[...]

Configuring L2 TP Services A- 2 303532 - A Re v 00 The T ech nicia n Interfa ce al l o ws you t o modify para meter s by issu ing set and commit commands with the MIB object ID. This proce ss is eq uiva len t t o modifying pa rameters using Site Manager . For more infor mation about using the T ec hnic ian Inte rface t o acces s the MIB, see Using [...]

L2TP P arame ters 303532- A Re v 0 0 A-3 Parame ter : Ena ble L2TP Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: Enable Options: Enable | Disabl e Function: Enables or disables L2TP on this i nterface. Instruc ti ons: S i te Manager automatica lly sets thi s paramete r to Enab le when you sel[...]

Configuring L2 TP Services A- 4 303532 - A Re v 00 Parame ter : Re tra n sm it Time r (s econ ds) Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: 1 Options: 1 to 60 se conds Function: I n dicates the number of seconds that the LNS wait s for an ackno wledgment from the LA C before r esending pa[...]

L2TP P arame ters 303532- A Re v 0 0 A-5 Par ameter: Ack T imeout (millisec onds) Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: 250 Options: 1 to 350 m illi seconds Function: S pec if ies the maximum number of millis econds that can ela pse before the LNS sends an ackno wle dgment to the LA C[...]

Configuring L2 TP Services A- 6 303532 - A Re v 00 Par ameter: RADIUS Primary Server Pa ssword Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: None Options: Any alphanum eric string, up to a maximum of 64 c haracte rs Function: S pec if ies the primary RADIUS serv er’ s pa s sword. Instruc ti[...]

L2TP P arame ters 303532- A Re v 0 0 A-7 Par ameter: Remove Domain Name Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: Enable Options: Ena ble | Disa ble Function: I n structs t he route r whether to re mov e the dom ain name f rom t he complete use r name before RADIUS authentic ation takes p[...]

Configuring L2 TP Services A- 8 303532 - A Re v 00 L2TP T unnel Securi ty P a ra m eters The L2TP T unnel Security List windo w (Figur e A-2) contains th e tunnel authenti c ation p a rameters . Figu re A- 2. L2T P T un nel Sec urity Lis t Wind ow The paramete r desc riptio ns fol low .[...]

L2TP P arame ters 303532- A Re v 0 0 A-9 Parame ter : Ena ble T u nnel Authe nticatio n Path: Configu r ation M anager > P rotoco ls > I P > L2TP > T unnel Authe nticatio n Defaul t: Disable Options: Enable | Disabl e Function: Enables or disables the use of t unnel a ut he nt ication fo r a sl ot on the LNS. T unnel authentica tion pro[...]

Configuring L2 TP Services A- 10 303532 -A Rev 00 L2TP IP Int erface P a ramete r s The L2TP IP Interf a ce List wi ndow (Figur e A-3) c on t a i ns t he list of IP i nterface s for e ach sl ot on t he route r conf igured wi th L2 TP . Figure A-3. L2TP IP Interface List Window When you cli c k on Change, Site Manager d isplays t he L2TP IP In te rf[...]

L2TP P arame ters 303532- A Re v 0 0 A-11 The paramete r desc riptio ns fol low . Parame ter : L2 TP IP Inte rface Ad dress Pa th: Configu r ation M anager > Prot oc ols > IP > L2TP > L2TP IP Int erfa ce Defaul t: None Options: Any unique IP address Function: S pec if ies the IP address that identi f ies the L2TP IP int erfac e for the [...]

Configuring L2 TP Services A- 12 303532 -A Rev 00 Par ameter: RIP Enable Pa th: Configu r ati on Manager > Pr otoco ls > I P > L2TP > L2TP I P I nt erface Defaul t: Enable Options: Enable | Disable Function: S pec if ies whether RIP List en is enabled on this inte rface . See Configu ring IP Services f or m or e informat ion about RIP .[...]

303532- A Re v 00 B-1 Appendix B Conf iguration Exa mples This a ppendix prov ide s two e xamples of L2TP ne twork conf igurati ons. It i nclude s only t hose p aram eters that re quire cha nges fr om th eir d efa ult setti ngs for prope r conf iguration. F or instruc tions on modifying pa rameters, se e Cha pt e r 3, “Customi zing L2 TP Ser vice[...]

Configuring L2 TP Services B- 2 303532 - A Re v 00 Figure B-1. L 2TP Netwo rk with PCs at the Remote Site Configuring the Remote Hosts The remote host s i n this ne twork are two PCs run ning Wi ndows 95. Neither PC has inter nal L2TP capabil ities. In this netw ork, one PC has a s ynchron ous dia l connec tion to the ISP via a modem. The othe r PC[...]

Configuration Examp les 303532- A Re v 0 0 B-3 Configuring the LACs and the TMS The LA Cs in this ne two rk are Model 5399 Remote Access Conce ntr ators. Bo th de vi ces ha v e L2 TP modules insta lle d. S ee Model 5399 Remote Acce ss Concent rator documenta tio n for inf ormat ion about conf iguri ng L2TP . The LA Cs use the same TMS, which you co[...]

Configuring L2 TP Services B- 4 303532 - A Re v 00 6. In t he L2 TP T un neling Sec urity window , e nable tunn el aut henti cation. 7. In t he L2 TP I P In terface wind ow , e nter the L 2TP I P a ddress. During the L2TP session, the RADIUS serv e r assigns the follo wing IP addre sses: jsmar t@baynetwor ks.com: 192. 32.40.1 mmark@baynetw orks.com[...]

Configuration Examp les 303532- A Re v 0 0 B-5 Exampl e 2: Remote Router Ca ll ing the Corpo ra te Netw o rk Figure B -2 shows a ne tw ork with two B aySta c k™ AN ® route rs at the re mote si te. The AN routers are u s ing dial -o n-d e ma nd servi ce fo r dia l- up c onnections. In this network, note the follo wing: • P PP is the W AN protoc[...]

Configuring L2 TP Services B- 6 303532 - A Re v 00 Configuring the Dial-on-Demand C ircuit Modify t he dial-on- demand circui t conf igura tion f or t he AN r outers as f ollo ws: 1. In th e Conf i guration Manager window , choose Dialup > De mand C i rc uit s > Demand P ools > PPP Cir cuits > PPP Demand Ci rc uits t o display the PPP D[...]

303532- A Re v 00 C-1 Appendix C T r ouble shooting T o monitor your L2TP network a nd solve proble ms that may occur , fir st check the e v ent l og f ile for a ny m essages recorde d b y the LNS. For infor mation a bout vie wi ng and reading e ven t messag es, see Event Messag e s for Routers and Conf igu ring and Manag ing Routers with Site Mana[...]

Configuring L2 TP Services C-2 303532 - A Re v 00 L2TP sessi on is not activ e. The LNS fai l ed to negoti at e the PPP LCP options . Reconfi gure the host at t he remote si te dial ing in to the I SP . For a Bay Net work s rout er at the remote site, chec k the PPP MR U/MRR U s ize . The LNS sup por ts a n MR U/MR UU siz e of 1500 only . Use the f[...]

303532- A Re v 00 Index-1 A acco untin g, RADI US, 1- 15 Ac k T imeout (m ill is eco nds) pa ram e ter , A-5 acro nym s , xv B Bay N etw orks LNS. See LNS C conf i gu rati on e xam p l e s, B-1 conf igurat i on f i le , re quirem ent s, 2- 3 conven tion s, t ext, xiv D d eleti ng L2 TP fr om A T M, 3-1 3 from fram e re la y , 3- 1 2 fro m PPP , 3-1[...]

Ind ex -2 3 03532-A Re v 00 LNS ( con ti nue d) L2TP sec urity , 1- 10 mod ifyi ng pr oto col conf igurati on , 3-2 oper ating wi th LA Cs, 1- 11 LNS Syst em Name par am et er , A-5 LNS s yst em name , ch angi ng , 3- 4 M Max L2TP Sessions pa ram eter , A- 3 Maximum Retransmit parameter , A-4 P pack et enc aps ula tion , L2TP , 1-8 par ame ters cus[...]