
L2TP Features, Protocols and Standards, L2TP Configuration Task List – H3C Technologies H3C SecPath F1000-E User Manual

Page 40


14. The RADIUS server authenticates the access request and returns a response if the user passes authentication.

15. The LNS assigns an internal IP address to the remote user. The user can now access the internal resources of the enterprise network.

L2TP Features

1. Flexible identity authentication mechanism and high security

L2TP itself does not provide security for connections. However, it has all the security features of PPP and allows for PPP authentication (CHAP or PAP). L2TP can also cooperate with IPsec to guarantee data security, strengthening the resistance of tunneled data to attacks. Tunnel encryption, end-to-end data encryption, and end-to-end application-layer data encryption technologies can be used together with L2TP for higher data security as required.

2. Multi-protocol transmission

L2TP tunnels PPP frames, which can be used to encapsulate packets of multiple network layer protocols.

3. RADIUS authentication

An LAC and LNS can send the username and password of a remote user to a RADIUS server for authentication.

4. Private address allocation

An LNS can reside behind the firewall of a corporate network and dynamically allocate private addresses to remote users, facilitating corporate private address management (RFC 1918) and improving security.

5. Accounting flexibility

Accounting can be carried out simultaneously on the LAC and LNS, allowing bills to be generated on the ISP side and charging and auditing to be processed on the enterprise gateway. L2TP can provide accounting data, such as inbound and outbound traffic statistics (in packets and bytes) and the connection's start time and end time. These features enable flexible accounting.

6. Reliability

L2TP supports LNS backup. When the connection to the primary LNS is torn down, an LAC can establish a new one to a secondary LNS. This redundancy enhances the reliability and fault tolerance of VPN services.
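The first feature above states that L2TP provides no security of its own. The following Python sketch is an added example, not taken from the H3C manual: it parses an RFC 2661 message and shows that, when the tunnel is not protected by IPsec, a PAP Authenticate-Request carried inside it is readable as-is. The packet, tunnel and session IDs, username and password are constructed sample values, and PPP protocol-field compression is assumed to be off.

```python
import struct

# PPP protocol numbers that matter for this check
PPP_PROTOCOLS = {0x0021: "IPv4", 0xC021: "LCP", 0xC023: "PAP", 0xC223: "CHAP"}

def parse_l2tp(datagram: bytes) -> dict:
    """Parse one L2TP (RFC 2661) message taken from a UDP payload."""
    (flags,) = struct.unpack_from("!H", datagram, 0)
    if flags & 0x000F != 2:                     # Ver field must be 2
        raise ValueError("not an L2TPv2 message")
    is_control = bool(flags & 0x8000)           # T bit: control message
    pos = 2
    if flags & 0x4000:                          # L bit: Length field present
        (length,) = struct.unpack_from("!H", datagram, pos)
        datagram = datagram[:length]
        pos += 2
    tunnel_id, session_id = struct.unpack_from("!HH", datagram, pos)
    pos += 4
    if flags & 0x0800:                          # S bit: Ns and Nr present
        pos += 4
    if flags & 0x0200:                          # O bit: Offset Size + padding
        (offset,) = struct.unpack_from("!H", datagram, pos)
        pos += 2 + offset
    info = {"control": is_control, "tunnel_id": tunnel_id, "session_id": session_id}
    if is_control:
        return info
    ppp = datagram[pos:]                        # data message: a PPP frame
    if ppp[:2] == b"\xff\x03":                  # optional address/control bytes
        ppp = ppp[2:]
    (proto,) = struct.unpack_from("!H", ppp, 0)
    info["ppp_protocol"] = PPP_PROTOCOLS.get(proto, hex(proto))
    if proto == 0xC023 and ppp[2] == 1:         # PAP Authenticate-Request
        id_len = ppp[6]
        info["pap_peer_id"] = ppp[7:7 + id_len].decode()
        pw_len = ppp[7 + id_len]
        info["pap_password"] = ppp[8 + id_len:8 + id_len + pw_len].decode()
    return info

def build_sample() -> bytes:
    """Constructed data message: tunnel 7, session 1, PAP request inside."""
    user, pw = b"alice", b"example-pass"
    pap = (bytes([1, 1]) + struct.pack("!H", 6 + len(user) + len(pw))
           + bytes([len(user)]) + user + bytes([len(pw)]) + pw)
    ppp = b"\xff\x03\xc0\x23" + pap
    return struct.pack("!HHHH", 0x4002, 8 + len(ppp), 7, 1) + ppp

if __name__ == "__main__":
    print(parse_l2tp(build_sample()))
```

A result containing `pap_password` means the credential crossed the tunnel in cleartext; with CHAP only a challenge and a hashed response would be visible, and with IPsec protecting the tunnel the L2TP message itself would not be readable.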

Protocols and Standards

RFC 1661: The Point-to-Point Protocol (PPP)

RFC 1918: Address Allocation for Private Internets

RFC 2661: Layer Two Tunneling Protocol "L2TP"

L2TP Configuration Task List

To configure a device as an LAC or LNS, first configure basic L2TP capability on the device, and then perform LAC- or LNS-specific configurations. L2TP connection parameter configuration tasks apply to both LAC and LNS and are optional. You may configure them as needed.
Complete the following tasks to configure L2TP: