English dropdown-ico

Nortel Networks L2TP manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

Go to page of

Similar user manuals

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Nortel Networks L2TP, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Nortel Networks L2TP one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Nortel Networks L2TP. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Nortel Networks L2TP should contain:
- informations concerning technical data of Nortel Networks L2TP
- name of the manufacturer and a year of construction of the Nortel Networks L2TP item
- rules of operation, control and maintenance of the Nortel Networks L2TP item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Nortel Networks L2TP alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Nortel Networks L2TP, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Nortel Networks service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Nortel Networks L2TP.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Nortel Networks L2TP item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    Part No. 303532-A Rev 00 Oc tob er 1998 BayRS V ersi on 13.0 0 Site Manager Soft ware Version 7. 00 Configurin g L2TP Se rvices[...]

  • Page 2

    ii 303532-A Rev 00 4401 Great America P arkw ay 8 F ed eral Stree t Santa Cl ar a, CA 95054 Bil lerica , MA 01821 Copyr ight © 1998 Bay N et w orks, Inc. All rights rese rved . Pr inted in the USA. October 1998. The inf orma tion i n thi s do cumen t is subje ct t o cha nge with out not ice . The st at ement s, con f i gurat ion s, tec hni ca l da[...]

  • Page 3

    303532- A Re v 00 iii Ba y Netw orks, Inc . Software Li cense Agreement NO TICE: Ple as e caref ul ly r ead this li ce nse agr eement befo re c opy ing or us in g the a cco mpanyi ng s oft ware or in st al li ng the har dware unit with pr e- enabled s oftwa re (e ach of w h ic h is ref er red to as “Sof tw are” i n t hi s Ag ree ment). BY COPYI[...]

  • Page 4

    iv 303532 - A Re v 00 its o wn data and in fo rmatio n and for mai nt aining ad equate p ro ced ure s apa r t fr om the So ft wa re t o re construc t lost or alte red f iles, data , or p rogra ms. 4. Li mit ation o f li abil ity . IN NO EVENT WI LL BA Y NET WORKS OR ITS LICENSORS BE LI ABLE FOR ANY COST OF S UBSTI TUTE P ROCUREMENT ; S PECIAL, INDI[...]

  • Page 5

    303532- A Re v 00 v Contents Preface Bef ore Y ou Begi n ... .. ..... ..... .... ... ..... .... ..... ....... ..... ..... .... ..... .. ..... ..... ..... .... ..... .. ..... ..... ..... .... x iii T ext Co n v entio n s ... ....... ..... .. ..... .. ... .. ..... .. .. ... .... ... .. ... .... ... ....... ..... .. ..... .. .. ... .... ... .. ... ...[...]

  • Page 6

    vi 303532 - A Re v 00 L2TP I P Int erf ace Add resses .. .... ..... ..... .. ..... ..... .... ..... ..... .. ..... ..... .... ..... ..... .. ..... ..... . 1-15 Remot e Ro uter Co nfig urat i on ... ..... .... ..... ..... ..... .. ..... .... ..... ....... ..... ..... .... ..... ... .... .... 1 -16 Whe re to G o Ne xt .. .. ..... .. ..... ..... .....[...]

  • Page 7

    303532- A Re v 00 vi i Appendi x B Co nfi gur a t io n Ex a mpl e s Exa mple 1: Remo te PC C alling t he Cor porat e Ne twork ....... ....... ....... . .... . ...... ....... . .... . .. B -1 Confi gurin g t he Remo te Host s .. ..... .... ..... .. ..... ..... ..... .... ..... ... .... ..... ..... .... ..... ... .... ..... B-2 Configur ing the LA Cs[...]

  • Page 8

    [...]

  • Page 9

    303532- A Re v 00 ix Figures Fi gure 1-1. L2TP Netwo rk Usin g a LA C .... ..... ..... .... ..... ..... .. ..... ..... .... ....... ..... ..... ..... ... 1-7 Fi gure 1-2. L2TP Netwo rk Usin g a RA S .. .... ... ..... .... ..... ..... ..... .. ..... .... ..... .. ... ..... .. ..... ... 1-7 Fi gure 1-3. P a ck et Encap sul atio n Proce ss ..... .....[...]

  • Page 10

    [...]

  • Page 11

    303532- A Re v 00 xi T a bles T able C-1. Comm on L2T P Network Problems and Solutions ............... ................... C-1[...]

  • Page 12

    [...]

  • Page 13

    303532- A Re v 00 xiii Preface This guide describes La yer 2 T unneling Proto col (L2TP) and what you do to st art and customi ze L2TP services on a Bay Networks ® r outer . Bef or e Y ou Begin Before using this guide, you must complete the follo wing procedur e s. For a ne w rout er: • Insta ll the rout er (re fer t o the inst all at ion guide [...]

  • Page 14

    Configuring L2 TP Services xiv 3 03532 -A Re v 00 T ext Con v e n t ions This g uide uses the follo wing t ext con venti ons: bold t e xt Indica tes text tha t you need to enter and command names and options. Example: Enter s how ip { al ert s | route s } Example: Use t he dinfo c omman d. italic te xt Indica tes f ile and direc tory n ames, ne w t[...]

  • Page 15

    Prefac e 303532- A Re v 0 0 xv Acr on yms CHAP Challe nge Ha ndshak e Authent icati on Protoc ol IP Int ernet Protocol ISDN Int egr a ted Services Digital Ne twork ISP Int ernet Servic e Provid er L2TP Layer 2 T unneli ng Pr otocol LA C L2TP acces s c oncentr ator LAN loc al area networ k LCP Link Cont rol Protocol LNS L2TP networ k serve r MPPP Mu[...]

  • Page 16

    Configuring L2 TP Services xvi 3 03532-A Rev 00 Ba y Netw or ks T e c hnical Publ i catio ns Y ou can now pr int Bay Networks te chnical manua ls and relea se notes free, direc tly from the Interne t. Go to support. baynetworks. com/libr ary/ tpubs/ . Find the Bay Networks product f or which you need documentation . Then locate t he specif ic categ[...]

  • Page 17

    303532- A Re v 00 1-1 Chapter 1 L2TP O verview The Layer 2 T unneling Protocol ( L2TP) provi des remote use rs , suc h as telec ommuters, mobi le professionals , an d personne l in remote branch of fic es, with d ia l-in a ccess to a corpor ate network. L2TP enables user s to create a virt ual pri vat e net work ( VP N), whic h us es the exi stin g[...]

  • Page 18

    Configuring L2 TP Services 1-2 303532 - A Re v 00 L2TP Bene fi ts L2TP has se ve ral adv anta ges : • Use r s and busi nesses can tak e adva ntage of exist ing networ k eq uipment and resou rces . Corpor ations do not need to maintain a nd manage remote access se rv er s and other spe cial netw orking equipment f or remote users. Ins tead, the y [...]

  • Page 19

    L2TP Overview 303532- A Re v 0 0 1-3 Multip le users can communicate t hrough a single tunnel betwee n th e same LA C and LNS pa ir . Eac h user trans mits and r ecei v es data in a n indi vidual L2TP sessi on. The LA C brings do wn the tu nnel for any one of the follo wing reasons: • A ne twor k fa ilur e occurs. • The LA C or othe r e quipmen[...]

  • Page 20

    Configuring L2 TP Services 1-4 303532 - A Re v 00 Components of an L2TP Netw ork The follo win g section s desc ribe t he component s of a n L2TP ne twor k. F or illust r ati ons of L2TP netw or ks, see Figure s 1-1 and 1-2 on pa g e 1-7 . Remote Host At the remote si te is the user who wants to dial in to the c orporat e network. The remote use r [...]

  • Page 21

    L2TP Overview 303532- A Re v 0 0 1-5 L2TP Access Concentrator (LAC) The L2TP access conce ntrator (LA C) resi des at the ISP networ k. The LA C establi shes the L2TP t unnel b etween i tself a nd the LN S. When the remote user pla ces a call to the ISP networ k, this call goes to the LA C . The LA C then ne gotiates the acti v ation of an L2TP tunn[...]

  • Page 22

    Configuring L2 TP Services 1-6 303532 - A Re v 00 L2TP Netw ork Server (LNS) The L2TP network se rver (LNS) is a router that reside s at the corporate net wor k and serv es as the termina tion point for L2TP tunn els and sessions . The LNS authenti cate s the PPP connect ion request and allo ws the end-to-e nd PPP tunne led connection. The LNS m a [...]

  • Page 23

    L2TP Overview 303532- A Re v 0 0 1-7 Examples of L2TP Networks Figure 1- 1 shows an L2 TP net work that uses a LA C t o connect t o t he LNS. The tunne l i s betwee n the LA C a nd the LNS. Figu re 1 -1. L2T P Network Usi ng a LA C Figure 1- 2 shows a n L2TP network that use s a RAS to conne ct to the LNS. The tunne l i s betwee n the PC (t he L2TP[...]

  • Page 24

    Configuring L2 TP Services 1-8 303532 - A Re v 00 L2TP P ac ket Encapsul ation The PC or route r at t he r emote s ite s ends PPP pa cke ts to the LAC. The LA C encaps ulates thes e incoming pack ets in an L2TP packet and sends it acr oss a n IP netw ork t hrough a bidir ectiona l tunne l. Af ter t he LNS r ecei ve s the packe ts, i t decaps ulates[...]

  • Page 25

    L2TP Overview 303532- A Re v 0 0 1-9 Making a Connection Ac r os s an L2TP Netw ork The follo wing steps expla in how a remote user connects across an L2 TP network that inclu des a B ay Ne tworks LA C, TMS, and LNS (se e Fi gure 1-1 on page 1-7 ): 1. The remote user di a l s a LAC at the loc al ISP network to est ablish a PPP connec tion to the co[...]

  • Page 26

    Configuring L2 TP Services 1-10 303532 - A Re v 00 Security in a n L2TP Network Y ou can conf igure tw o layer s of security in an L2TP netw ork: • T unnel authenti c ation T unnel a uthenti cation i s t he proc ess of negotia ting the est ablishment of a tunne l betwe en t he LA C an d the LNS. • Use r auth e nticati on The networ k administr [...]

  • Page 27

    L2TP Overview 303532- A Re v 0 0 1-11 Ba y Netw orks L2TP Implementation In an L2TP netw or k , the Bay Networ ks router is the LNS. LNS soft ware ope r ates on the BLN ® , BCN ® , and ASN ™ platforms. The Bay Networ ks LNS ha s the follo wing char acteristi c s: • Ea ch slot ca n act as an LNS , which means th at one route r can ha ve many L[...]

  • Page 28

    Configuring L2 TP Services 1-12 303532 - A Re v 00 T unnel Man a gement The Bay Netw orks t unnel m anagement se rv er (TMS), which resi des at the I SP netw ork, stores the TMS dat abase. This database c ontains th e remote users’ domain name, the IP addr ess information of each LNS, and other tunnel addre ssing informati on t hat t he networ k [...]

  • Page 29

    L2TP Overview 303532- A Re v 0 0 1-13 Y ou c an enab le tun nel authe nti cation on th e Bay Networks LNS . If tunne l authenti c ati on is disable d, whi ch is the de f ault, the LNS sends a d efault c hallen ge response to the LA C during the aut hen tic ation process so that the tunne l can be establi shed. The LNS cannot send outgoin g ca lls, [...]

  • Page 30

    Configuring L2 TP Services 1-14 303532 - A Re v 00 After tunnel authent ication is comple te, it does not need to be rep eate d f or other calls to the same LA C. RADIUS User Authentication RADIUS user authe ntication is e nabled b y def ault on the Bay Ne tw orks LNS; you must conf igure this fe atur e s o tha t the LNS ca n v alida te the r emote[...]

  • Page 31

    L2TP Overview 303532- A Re v 0 0 1-15 RADIUS Accounting The RADIUS se rver can pr ovide acc ounting se rvic es i n addit ion to its authenti c ation s e rvices. RADIUS ac counting is enabled by def ault o n the Bay Netw orks LNS. The RADIUS accounti ng serve r calculates bil ling charges for an L2TP sess ion betwee n th e remo te user and the LNS .[...]

  • Page 32

    Configuring L2 TP Services 1-16 303532 - A Re v 00 Remote Router Configuration If the hos t at the remote site is a Bay Networ ks route r , you m ay need to c onf igure a dial -on-d emand circuit f o r the re mote rou ter’ s dial- up interfac e to the L A C at the ISP networ k. Enable RIP on both the dia l- on- demand c ir cuit and the att ached [...]

  • Page 33

    L2TP Overview 303532- A Re v 0 0 1-17 Where to Go Ne x t Go to one of the follo wing chapters for more infor mation: If y ou want to Go to Start L2TP on a router usin g def a ult par amet er sett ing s. Chapter 2 Change de fault set tings f or L2TP para m eters . Chapter 3 Obtain i nf or mat ion about Site Manager param ete rs (thi s is the same in[...]

  • Page 34

    [...]

  • Page 35

    303532- A Re v 00 2-1 Chapter 2 Starting L2TP The quicke st way to sta r t L2TP is to enabl e it with the defaul t configu r ati on that Bay Ne tworks softw are s uppli es. This con fi guration u ses a ll a va ilable p arameter defa ult s. Y ou need to supply v alue s for se v eral par ameters that do not ha ve def ault val ue s. This c hapte r in [...]

  • Page 36

    Configuring L2 TP Services 2-2 303532 - A Re v 00 Plannin g Considerations for an L2TP Network This guide primarily e xplains how to confi gure a Bay Networ ks BLN, BCN, or ASN route r a s a n LNS i n an L2TP networ k. T o suc cessful ly opera te i n an L2TP netw ork, obtain the fol lo win g informat ion to conf igure the LNS. T unnel Authenticatio[...]

  • Page 37

    Starting L2 TP 303532- A Re v 0 0 2-3 Preparing a Configurat ion File Before starti ng L2TP , yo u must c reat e and save a co n figurat ion file with a t least one W AN i nte rface , for exam ple , a synchronous or MCT1 port. Fo r informatio n about the Site Manager conf igur ation tool and ho w t o wor k with conf iguration f iles, see C onf igur[...]

  • Page 38

    Configuring L2 TP Services 2-4 303532 - A Re v 00 Enabling L2TP on an Unconfig ured W AN Interface T o enable L2TP on an unc onf igured W AN int erfac e, comp l ete the f ollo wing t a s ks: Site Manager Procedu r e Y ou do this System respo nds 1. In the Conf igu ration M anage r win dow , choose a W AN c onnector . The Add Ci rcui t win dow ope n[...]

  • Page 39

    Starting L2 TP 303532- A Re v 0 0 2-5 Enabling L2TP on an Existing P PP Interface T o enable L2TP on an inte rface with PPP and IP already e nabled, compl ete the foll o wing ta sks: 11. Clic k on OK . 12. Clic k on Done . Y ou r et ur n to t he Conf igur atio n Man ager windo w . Site Manager Procedu r e Y ou do this System respo nds 1. In the Con[...]

  • Page 40

    Configuring L2 TP Services 2-6 303532 - A Re v 00 9. Set the f o l l ow ing parame ter s: • L2TP IP Interfa ce Addre ss • Subnet Mas k Clic k on Hel p or see th e par amete r descript i ons beginn ing on pag e A-11 . Site Manager displ ay s a mes sage alerting y ou of th e time dela y t o cr eate the L2TP tu nnel cir cui ts. 10. Clic k on OK . [...]

  • Page 41

    Starting L2 TP 303532- A Re v 0 0 2-7 Ena b ling L2 TP on an Exis ti ng Frame Rel ay I nter face T o enable L2TP on a n inte rface with fram e relay and IP al ready enabled , compl ete the follo wing tasks: Site Manager Procedu r e Y ou do this System respo nds 1. In the Conf igu ration M anage r win dow , choose a W AN c onnector . The Edit Connec[...]

  • Page 42

    Configuring L2 TP Services 2-8 303532 - A Re v 00 11. Clic k on OK . Y ou retu r n to th e L2 TP IP In ter f ace Li st windo w , which displa ys the IP i nter fac e addres s and the s ubnet mas k. A mess age windo w opens that rea ds, L2TP Conf ig urati on i s co mple ted . 12. Clic k on OK . 13. Clic k on Done . Y ou r etu r n t o t he F ra me R e[...]

  • Page 43

    Starting L2 TP 303532- A Re v 0 0 2-9 Enabl ing L2TP on an E xisting A TM Interface T o enable L2TP on an int erface w i th A T M and IP alrea dy enabl ed, you can enable L2TP in tw o ways. If your interf ace uses a COM connector , c omplete the ta sks in the follo wing table. If your inte rface us e s an A TM connector , go to page 2 -10 . Site Ma[...]

  • Page 44

    Configuring L2 TP Services 2-10 303532 - A Re v 00 If y our A TM inte rface us es an A TM conn ecto r , co mple te th e followi n g t asks: 12. Clic k on Done . Y ou r eturn t o the Circ uit D efi niti on windo w . 13. Choose File . The Fil e menu open s. 14. Choose Exit . Y ou r et ur n to t he Conf igur atio n Man ager windo w . Site Manager Proc[...]

  • Page 45

    303532- A Re v 00 3-1 Chapter 3 Customiz ing L 2TP Services When y ou ena ble L2 TP , defa ult v alues a re in ef fe ct for most parameter s (se e parame ter descrip tions in Appendix A , “ L2TP Para meters ”). Y o u m ay wa nt to change some of t hese v alue s, de pending on the requir ements of y our ne twork . This c hapte r in cludes th e f[...]

  • Page 46

    Configuring L2 TP Services 3-2 303532 - A Re v 00 Modifying the L 2TP Pr otocol Configuration T o modify how da ta is transmitte d across an L2TP networ k, suc h as the number , freq uency , a nd timi ng of data a nd acknowl edgment pack ets e xchanged between the LNS and LA C, you can modify the L2TP protoc ol pa rameters. T o modify the L2TP prot[...]

  • Page 47

    Custom izing L2TP Services 303532- A Re v 0 0 3-3 Modifying RA DIUS Ser v er Information If you change the add ress of the RADIUS ser ver tha t you are usin g to authen ticate remote users and manage accounti ng functi ons, you mu st upda te the server addre ss information on the LNS. Fo r more information ab out using a RADIUS s erv er in an L2TP [...]

  • Page 48

    Configuring L2 TP Services 3-4 303532 - A Re v 00 Changing th e LNS Sy stem Name The LNS syste m name i s t he name o f the router . This name i s u sed during tun nel setup to ident ify th e LNS uniq ue ly . By def ault , Si te Manage r e nters th e syst em name that you initial ly conf igured when fi rst a ccessi ng the router . Se e Conf iguring[...]

  • Page 49

    Custom izing L2TP Services 303532- A Re v 0 0 3-5 Modifying the Number of L2TP Se ssions P erm i tte d Y ou ca n m od ify th e ma xi mum nu m ber of ac tive L2TP sess ions tha t the LNS ca n manage. The de fault is 100 se ssi ons. Fo r more information ab out L2TP sessions, se e “ L2TP Sessions ” o n page 1-3 . T o change the maximum number of [...]

  • Page 50

    Configuring L2 TP Services 3-6 303532 - A Re v 00 K ee ping the Rem ote User ’ s Dom ain Name The LNS remov es the domain name from the complete use r name b y default, befor e passing it on to the RADIUS serve r for user authen tic ation. T o ke ep th e domain name wi th the user n ame, comple te th e follo wing t asks: Site Manager Procedu r e [...]

  • Page 51

    Custom izing L2TP Services 303532- A Re v 0 0 3-7 Changing the Domain Name De limiter In the complet e user name there is a single -cha racter delimiter tha t separ ates the user na me from t he domain na m e. By defaul t, the LNS remov es the do m ain na me when it rece iv e s a ca ll. The delimi te r tells the LNS which ch arac ters to rem o v e.[...]

  • Page 52

    Configuring L2 TP Services 3-8 303532 - A Re v 00 En abli ng T un nel A uth ent ica tio n T o prev ent unauthorize d users from accessi ng t he cor porate networ k, you can enable t unnel auth entic ation. Dur ing tunnel ne gotiati on, the LA C s e nds it s tunne l authenti c ation p a ssword to t he LNS. If the pass word is not recognize d by the [...]

  • Page 53

    Custom izing L2TP Services 303532- A Re v 0 0 3-9 Modifying L2TP IP Interface Ad d resses The L2TP I P Int e rface List windo w lists the L2TP IP interf a ce addresses f or each slot tha t has L2TP c onf igure d. The LNS uses the address es interna lly to ide ntify the remote si tes. Fo r more information ab out the L2TP I P interf ace, see “ L2T[...]

  • Page 54

    Configuring L2 TP Services 3-10 303532 - A Re v 00 Disab ling RIP RIP is enabled on the LNS b y de f a ul t so that the LNS can learn routes f rom the remote dial-in router . I f the LNS does n ot re quire R IP support, y ou can disa ble i t. T o disa ble R IP , com plete th e follo wi ng tas ks: Disabling L2TP T o disable L2TP on a slot, comple te[...]

  • Page 55

    Custom izing L2TP Services 303532- A Re v 0 0 3-11 Deleting L2 TP fr om a P P P Inte rfa ce T o delete L2TP from a PPP inte rface , comp lete t he f ollo w i ng ta s ks: 6. Set t he Enable L2TP par amet er to Disabl e . Clic k on Help or see the paramet er des cri pti on on page A- 3 . Site Mana ger di sabl es L2TP f or t he sl ot. 7. Clic k on Don[...]

  • Page 56

    Configuring L2 TP Services 3-12 303532 - A Re v 00 Deleting L2 TP fr om a Fr a me Rela y Interface T o delete L2TP from a frame relay int erface, comp l ete t he fo l lowing tasks: Site Manager Procedu r e Y ou do this System respo nds 1. In the Conf igu ration M anage r win dow , clic k on a W AN connect or co nf igured with L2TP . The Edi t Con n[...]

  • Page 57

    Custom izing L2TP Services 303532- A Re v 0 0 3-13 Deleting L2TP fr om an A TM Interface T o delete L2TP from an A TM inte rface on a CO M c onnector , complete the foll o wing ta sks: T o delete L2TP from an A TM inte rface on a n A T M c onnector , comple te the foll o wing ta sks: Site Manager Procedu r e Y ou do this System respo nds 1. In the [...]

  • Page 58

    Configuring L2 TP Services 3-14 303532 - A Re v 00 6. Clic k on OK . Y ou re tu r n to th e A TM S e r v ic e Rec o rds List window . 7. Clic k on Done . Y ou re tu r n to th e Ed it A T M C o nn e c to r windo w . 8. Clic k on Done . Y ou r eturn t o the Confi gurat ion M anager windo w . Site Manager Procedur e (con tinu ed) Y ou do this System r[...]

  • Page 59

    303532- A Re v 00 A-1 Appendix A L2TP P arameter s This appendix contains the Site Manage r parameter descr iptions fo r L2TP servic es. Y ou c an displ a y the same information using Si te Manager online Help. Fo r inf ormatio n about the IP para meters t ha t you set when ena bling L2TP , see Conf igu ring I P Servic es . This a ppendix conta ins[...]

  • Page 60

    Configuring L2 TP Services A- 2 303532 - A Re v 00 The T ech nicia n Interfa ce al l o ws you t o modify para meter s by issu ing set and commit commands with the MIB object ID. This proce ss is eq uiva len t t o modifying pa rameters using Site Manager . For more infor mation about using the T ec hnic ian Inte rface t o acces s the MIB, see Using [...]

  • Page 61

    L2TP P arame ters 303532- A Re v 0 0 A-3 Parame ter : Ena ble L2TP Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: Enable Options: Enable | Disabl e Function: Enables or disables L2TP on this i nterface. Instruc ti ons: S i te Manager automatica lly sets thi s paramete r to Enab le when you sel[...]

  • Page 62

    Configuring L2 TP Services A- 4 303532 - A Re v 00 Parame ter : Re tra n sm it Time r (s econ ds) Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: 1 Options: 1 to 60 se conds Function: I n dicates the number of seconds that the LNS wait s for an ackno wledgment from the LA C before r esending pa[...]

  • Page 63

    L2TP P arame ters 303532- A Re v 0 0 A-5 Par ameter: Ack T imeout (millisec onds) Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: 250 Options: 1 to 350 m illi seconds Function: S pec if ies the maximum number of millis econds that can ela pse before the LNS sends an ackno wle dgment to the LA C[...]

  • Page 64

    Configuring L2 TP Services A- 6 303532 - A Re v 00 Par ameter: RADIUS Primary Server Pa ssword Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: None Options: Any alphanum eric string, up to a maximum of 64 c haracte rs Function: S pec if ies the primary RADIUS serv er’ s pa s sword. Instruc ti[...]

  • Page 65

    L2TP P arame ters 303532- A Re v 0 0 A-7 Par ameter: Remove Domain Name Path: Configu r ation M anager > P rotoco ls > I P > L2TP > L2TP C onf iguration Defaul t: Enable Options: Ena ble | Disa ble Function: I n structs t he route r whether to re mov e the dom ain name f rom t he complete use r name before RADIUS authentic ation takes p[...]

  • Page 66

    Configuring L2 TP Services A- 8 303532 - A Re v 00 L2TP T unnel Securi ty P a ra m eters The L2TP T unnel Security List windo w (Figur e A-2) contains th e tunnel authenti c ation p a rameters . Figu re A- 2. L2T P T un nel Sec urity Lis t Wind ow The paramete r desc riptio ns fol low .[...]

  • Page 67

    L2TP P arame ters 303532- A Re v 0 0 A-9 Parame ter : Ena ble T u nnel Authe nticatio n Path: Configu r ation M anager > P rotoco ls > I P > L2TP > T unnel Authe nticatio n Defaul t: Disable Options: Enable | Disabl e Function: Enables or disables the use of t unnel a ut he nt ication fo r a sl ot on the LNS. T unnel authentica tion pro[...]

  • Page 68

    Configuring L2 TP Services A- 10 303532 -A Rev 00 L2TP IP Int erface P a ramete r s The L2TP IP Interf a ce List wi ndow (Figur e A-3) c on t a i ns t he list of IP i nterface s for e ach sl ot on t he route r conf igured wi th L2 TP . Figure A-3. L2TP IP Interface List Window When you cli c k on Change, Site Manager d isplays t he L2TP IP In te rf[...]

  • Page 69

    L2TP P arame ters 303532- A Re v 0 0 A-11 The paramete r desc riptio ns fol low . Parame ter : L2 TP IP Inte rface Ad dress Pa th: Configu r ation M anager > Prot oc ols > IP > L2TP > L2TP IP Int erfa ce Defaul t: None Options: Any unique IP address Function: S pec if ies the IP address that identi f ies the L2TP IP int erfac e for the [...]

  • Page 70

    Configuring L2 TP Services A- 12 303532 -A Rev 00 Par ameter: RIP Enable Pa th: Configu r ati on Manager > Pr otoco ls > I P > L2TP > L2TP I P I nt erface Defaul t: Enable Options: Enable | Disable Function: S pec if ies whether RIP List en is enabled on this inte rface . See Configu ring IP Services f or m or e informat ion about RIP .[...]

  • Page 71

    303532- A Re v 00 B-1 Appendix B Conf iguration Exa mples This a ppendix prov ide s two e xamples of L2TP ne twork conf igurati ons. It i nclude s only t hose p aram eters that re quire cha nges fr om th eir d efa ult setti ngs for prope r conf iguration. F or instruc tions on modifying pa rameters, se e Cha pt e r 3, “Customi zing L2 TP Ser vice[...]

  • Page 72

    Configuring L2 TP Services B- 2 303532 - A Re v 00 Figure B-1. L 2TP Netwo rk with PCs at the Remote Site Configuring the Remote Hosts The remote host s i n this ne twork are two PCs run ning Wi ndows 95. Neither PC has inter nal L2TP capabil ities. In this netw ork, one PC has a s ynchron ous dia l connec tion to the ISP via a modem. The othe r PC[...]

  • Page 73

    Configuration Examp les 303532- A Re v 0 0 B-3 Configuring the LACs and the TMS The LA Cs in this ne two rk are Model 5399 Remote Access Conce ntr ators. Bo th de vi ces ha v e L2 TP modules insta lle d. S ee Model 5399 Remote Acce ss Concent rator documenta tio n for inf ormat ion about conf iguri ng L2TP . The LA Cs use the same TMS, which you co[...]

  • Page 74

    Configuring L2 TP Services B- 4 303532 - A Re v 00 6. In t he L2 TP T un neling Sec urity window , e nable tunn el aut henti cation. 7. In t he L2 TP I P In terface wind ow , e nter the L 2TP I P a ddress. During the L2TP session, the RADIUS serv e r assigns the follo wing IP addre sses: jsmar t@baynetwor ks.com: 192. 32.40.1 mmark@baynetw orks.com[...]

  • Page 75

    Configuration Examp les 303532- A Re v 0 0 B-5 Exampl e 2: Remote Router Ca ll ing the Corpo ra te Netw o rk Figure B -2 shows a ne tw ork with two B aySta c k™ AN ® route rs at the re mote si te. The AN routers are u s ing dial -o n-d e ma nd servi ce fo r dia l- up c onnections. In this network, note the follo wing: • P PP is the W AN protoc[...]

  • Page 76

    Configuring L2 TP Services B- 6 303532 - A Re v 00 Configuring the Dial-on-Demand C ircuit Modify t he dial-on- demand circui t conf igura tion f or t he AN r outers as f ollo ws: 1. In th e Conf i guration Manager window , choose Dialup > De mand C i rc uit s > Demand P ools > PPP Cir cuits > PPP Demand Ci rc uits t o display the PPP D[...]

  • Page 77

    303532- A Re v 00 C-1 Appendix C T r ouble shooting T o monitor your L2TP network a nd solve proble ms that may occur , fir st check the e v ent l og f ile for a ny m essages recorde d b y the LNS. For infor mation a bout vie wi ng and reading e ven t messag es, see Event Messag e s for Routers and Conf igu ring and Manag ing Routers with Site Mana[...]

  • Page 78

    Configuring L2 TP Services C-2 303532 - A Re v 00 L2TP sessi on is not activ e. The LNS fai l ed to negoti at e the PPP LCP options . Reconfi gure the host at t he remote si te dial ing in to the I SP . For a Bay Net work s rout er at the remote site, chec k the PPP MR U/MRR U s ize . The LNS sup por ts a n MR U/MR UU siz e of 1500 only . Use the f[...]

  • Page 79

    303532- A Re v 00 Index-1 A acco untin g, RADI US, 1- 15 Ac k T imeout (m ill is eco nds) pa ram e ter , A-5 acro nym s , xv B Bay N etw orks LNS. See LNS C conf i gu rati on e xam p l e s, B-1 conf igurat i on f i le , re quirem ent s, 2- 3 conven tion s, t ext, xiv D d eleti ng L2 TP fr om A T M, 3-1 3 from fram e re la y , 3- 1 2 fro m PPP , 3-1[...]

  • Page 80

    Ind ex -2 3 03532-A Re v 00 LNS ( con ti nue d) L2TP sec urity , 1- 10 mod ifyi ng pr oto col conf igurati on , 3-2 oper ating wi th LA Cs, 1- 11 LNS Syst em Name par am et er , A-5 LNS s yst em name , ch angi ng , 3- 4 M Max L2TP Sessions pa ram eter , A- 3 Maximum Retransmit parameter , A-4 P pack et enc aps ula tion , L2TP , 1-8 par ame ters cus[...]