BayRS Version 14.00
Part No. 308634-14.00 Rev 00
September 1999
4401 Great America Parkway, Santa Clara, CA 95054
Configuring L2TP Services
8. Click on Add and configure the following entry, then click on OK.
9. Click on Done to return to the De
14. Click on Done to return to the Configuration Manager window.
15. Verify that in the PPP configuration,
Configuring the Model 5399 as a LAC
LAC1 in this network is a Model 5399 Remote Access Concentrator (RA
5. Configure static routes to the LNS WAN interface. The command syntax to add a route is as follows: rou
To create the domain nortelnetworks.com, do the following tasks at the # prompt:
1. Go to the annex dire
7. Choose Any RAS Client, then click on OK. You return to the main window.
8. Click on Edit authentication s
Configuring the LNS
The LNS in this network is a BN router with at least two synchronous interfaces. Fo
10. Configure the L2TP interface, as follows:
11. Click on OK, then, after the L2TP circuits are created, c
Appendix C Troubleshooting
To monitor your L2TP network and solve problems that may occur, first check the event log file for any
Tables
Table B-1. Configuration Commands for the Model 5399 LAC
Table B-2. Configuration for
L2TP session is not active. The LNS failed to negotiate the PPP LCP options. Reconfigure the host at th
Preface
This guide describes Layer 2 Tunneling Protocol (L2TP) and what you do to start and customize L2TP services on a Nortel
Text Conventions
This guide uses the following text conventions:
angle brackets (< >) Indicate that
separator ( > ) Shows menu paths. Example: Protocols > IP identifies
Acronyms
This guide uses the following acronyms:
Hard-Copy Technical Manuals
You can print selected technical manuals and release notes free, directly fr
How to Get Help
If you purchased a service contract for your Nortel Networks product from a distributor or authorized re
Chapter 1 L2TP Overview
The Layer 2 Tunneling Protocol (L2TP) provides remote users, such as telecommuters, mobile professionals,
Copyright © 1999 Nortel Networks
All rights reserved. Printed in the USA. September 1999.
The information in this document is subj
L2TP Benefits
L2TP provides the following benefits to remote users, corporations, and ISPs:
• Users and b
Multiple users can communicate through a single tunnel between the same LAC and LNS pair. Each user transmits and
Components of an L2TP Network
The following sections describe the components of an L2TP network. For ill
L2TP Access Concentrator (LAC)
The L2TP access concentrator (LAC) resides at the ISP network. The LAC establishes t
L2TP Network Server (LNS)
The L2TP network server (LNS) is a router that resides at the corporate networ
Examples of L2TP Networks
Figure 1-1 shows an L2TP network that uses a LAC to connect to the LNS. The tunnel is bet
L2TP Packet Encapsulation
The PC or router at the remote site sends PPP packets to the LAC. The LAC enca
Making a Connection Across an L2TP Network
The following steps explain how a remote user connects across an L2TP ne
Security in an L2TP Network
You can configure two layers of security in an L2TP network:
• Tunnel authen
Nortel Networks L2TP Implementation
In an L2TP network, the Nortel Networks router is the LNS. LNS software operat
Nortel Networks NA Inc. Software License Agreement
NOTICE: Please carefully read this license agreement before copying or using t
Tunnel Management
The Nortel Networks tunnel management server (TMS), which resides at the ISP network,
You can enable tunnel authentication on the Nortel Networks LNS. If tunnel authentication is disabled, which is t
After tunnel authentication is complete, it does not need to be repeated for other calls to the same L
RADIUS Accounting
The RADIUS server can provide accounting services in addition to its authentication services. RA
Remote Router Configuration
If the host at the remote site is a Nortel Networks router, you may need to
Framed Routes
The Nortel Networks L2TP implementation supports framed routes. With framed-route support, the LNS d
Figure 1-7 shows the same network with framed-route support on the LNS. In this configuration, remote
prefix_length is optional. It specifies the length of the network mask for the remote user’s network: 8 for Class
Figure 1-8. TCP/IP Settings Window for Server-Assigned NSAs
To use server-assigned NSAs, users should n
Configuring the NSA Feature on the LNS
By default, the NSA feature is disabled on the router acting as the LNS. Wh
for the security of its own data and information and for maintaining adequate procedures apart from the Software to reconstruct
• The RADIUS server must support vendor-specific attributes (VSAs) and must have the following entries
Figure 1-9. Network with Local Name Server Address Origin
Example: Name Server Address Origin Parameter Set to RADIUS
Figure 1-10 shows a network with the follow
Figure 1-10. Network with RADIUS Name Server Address Origin
Checking NSA Assignments from the Remote Host
To see which NSAs the LNS or RADIUS server assigned to a
Figure 1-12. IP Configuration Window
3. Click on More Info. The More Info. IP Configuration window opens (Figure 1-1
Figure 1-13. More Info. IP Configuration Window
Where to Go Next
Go to one of the following chapters for more information:
If you want to | Go to
Start L2TP on a rout
Chapter 2 Starting L2TP
The quickest way to start L2TP is to enable it with the default configuration that Nortel Networks softwa
Contents
Preface
Before You Begin
Planning Considerations for an L2TP Network
This guide primarily explains how to configure a Nortel Netw
Preparing a Configuration File
Before starting L2TP, you must create and save a configuration file with at least on
Enabling L2TP on an Unconfigured WAN Interface
To enable L2TP on an unconfigured WAN interface, complete
Enabling L2TP on an Existing PPP Interface
To enable L2TP on an interface with PPP and IP already enabled, complete
8. Click on OK. The L2TP IP Interface List window opens, followed by the L2TP IP Interface Configuratio
Enabling L2TP on an Existing Frame Relay Interface
To enable L2TP on an interface with frame relay and IP already e
12. Click on OK. You return to the L2TP IP Interface List window, which displays the IP interface addre
Enabling L2TP on an Existing ATM Interface
To enable L2TP on an interface with ATM and IP already enabled, you enab
If your ATM interface uses an ATM connector, complete the following tasks:
11. Click on OK. You return
Chapter 3 Customizing L2TP Services
When you enable L2TP, default values are in effect for most parameters (see parameter descrip
Remote Router Configuration
Framed Routes
Modifying the L2TP Protocol Configuration
To modify how data is transmitted across an L2TP network, such
Modifying RADIUS Server Information
If you change the address of the RADIUS server that you are using t
Changing the LNS System Name
The LNS system name is the name of the router. This name is used during tun
Modifying the Number of L2TP Sessions Permitted
You can modify the maximum number of active L2TP sessio
Keeping the Remote User’s Domain Name
By default, the LNS removes the domain name from the complete user
Changing the Domain Name Delimiter
In the complete user name, a single-character delimiter separates th
Enabling Tunnel Authentication
To prevent unauthorized users from accessing the corporate network, you c
Configuring the Name Server Address Feature
The name server address (NSA) feature enables a remote host
Modifying L2TP IP Interface Addresses
The L2TP IP Interface List window lists the L2TP IP interface add
Disabling RIP
RIP is enabled on the LNS by default so that the LNS can learn routes from the remote di
Deleting L2TP from an ATM Interface
Appendix A L2
Deleting L2TP from a PPP Interface
To delete L2TP from a PPP interface, complete the following tasks:
6.
Deleting L2TP from a Frame Relay Interface
To delete L2TP from a frame relay interface, complete the f
Deleting L2TP from an ATM Interface
To delete L2TP from an ATM interface on a COM connector, complete t
6. Click on L2TP. Site Manager deselects L2TP.
7. Click on OK. You return to the ATM Service Records
Appendix A L2TP Parameters
This appendix contains the Site Manager parameter descriptions for L2TP services. You can display the
The Technician Interface allows you to modify parameters by issuing set and commit commands with the MI
Parameter: Enable L2TP
Path: Configuration Manager > Protocols > IP > L2TP > L2TP Configuration
Defaul
Parameter: Retransmit Timer (seconds)
Path: Configuration Manager > Protocols > IP > L2TP >
Parameter: Ack Timeout (milliseconds)
Path: Configuration Manager > Protocols > IP > L2TP > L2TP Conf
Parameter: RADIUS Primary Server Password
Path: Configuration Manager > Protocols > IP > L2TP >
Parameter: Remove Domain Name
Path: Configuration Manager > Protocols > IP > L2TP > L2TP Configuratio
Parameter: Name Server Address Origin
Path: Configuration Manager > Protocols > IP > L2TP >
Parameter: Secondary DNS Address
Path: Configuration Manager > Protocols > IP > L2TP > L2TP Configura
L2TP Tunnel Security Parameters
The L2TP Tunnel Security List window (Figure A-2) contains the tunnel a
Parameter: Enable Tunnel Authentication
Path: Configuration Manager > Protocols > IP > L2TP > Tunnel
L2TP IP Interface Parameters
The L2TP IP Interface List window (Figure A-3) contains the list of IP int
The parameter descriptions follow.
Parameter: L2TP IP Interface Address
Path: Configuration Manager > Protocol
Parameter: RIP Enable
Path: Configuration Manager > Protocols > IP > L2TP > L2TP IP Interfa
Appendix B Configuration Examples
This appendix includes two examples of L2TP network configurations. Each example describes how
Figures
Figure 1-1. L2TP Network Using a LAC
Figure 1-2. L
• IP addresses are assigned as follows:
[email protected]: 192.168.210.101
mmark@nortelnetworks.
Configuring the Model 5399 as a LAC
LAC1 in this network is a Model 5399 Remote Access Concentrator (RAC).
5. Configure static routes to the LNS WAN interface. The command syntax to add a route is as follows: ro
To create the domain nortelnetworks.com, do the following at the # prompt:
1. Go to the annex directory by
8. Click on Edit authentication shared secret. The Enter shared secret window opens.
9. Enter server1 as th
Configuring the LNS
The LNS in this network is a BN router. For instructions on modifying LNS parameters,
10. Enter the following values for the L2TP IP address and mask parameters.
11. Click on OK, then click on
Data Path Through the Network
After you configure all components of the network, jsmart can call the local
Example 2: Remote Router Calling the Corporate Network
Figure B-2 shows a network with an ASN router at
Configuring the Dial-on-Demand Remote Router
This section explains how you configure dial-on-demand on th