Configuring L2TP, Overview, Typical networking application of L2TP – H3C Technologies H3C SecPath F1000-E User Manual

Configuring L2TP

NOTE:

The term "router" in this chapter refers to both routers and firewalls running routing protocols.

Overview

A virtual private dial-up network (VPDN) is a virtual private network (VPN) that utilizes the dial-up function of public networks such as ISDN or PSTN networks to provide access services for enterprises, small Internet service providers (ISPs), and mobile users. VPDN provides an economical and effective, point-to-point way for remote users to connect to their home LANs.

The VPDN technology uses a specialized network communication protocol to build secure VPNs across public networks for enterprises. Branches away from the headquarters and staff on business can remotely access the intranet resources in the headquarters through a virtual tunnel over public networks; other users on the public networks cannot.

A VPDN tunnel can be NAS-initiated or client-initiated:

NAS-initiated VPDN tunnel. The network access server (NAS) connects a user’s PPP connection to the corporate VPDN gateway through a VPDN tunneling protocol, establishing a tunnel with the VPDN gateway. The tunneling is transparent to users. A user only needs to log in once to access the enterprise network, which authenticates the user and assigns the user a private IP address, so the user does not need a public address. This mode requires that the NAS support VPDN and that the authentication system support VPDN attributes.

Client-initiated VPDN tunnel. A user accesses the Internet first, and then establishes a tunnel with the VPDN gateway through dedicated client software, such as the L2TP client software offered by Windows 2000. In this mode, a user can access the enterprise network anytime from any place, without the involvement of any ISP. However, users must install dedicated software, which means that users must use platforms supporting the L2TP client. Usually, the Windows 2000 platform is used.

In general, a VPDN gateway can be a router or a dedicated VPN server.

There are primarily three VPDN tunneling protocols:

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Forwarding (L2F)

Layer 2 Tunneling Protocol (L2TP)

L2TP is the most widely used VPDN tunneling protocol.

Typical networking application of L2TP

Figure 146 shows a typical VPDN built by using L2TP.