H3C Technologies H3C SecPath F1000-E User Manual

5

Figure 6 Typical L2TP network

Figure 7

depicts the setup procedure of an L2TP call in NAS-initiated mode.

Figure 7 L2TP call setup procedure

(1) Call setup

(2) PPP LCP setup

(3) PPP or CHAP

authenticaion

(4) Access request

(5) Access accept

(6) Tunnel setup

(7) CHAP authentication

(challenge/response)

(9) User CHAP response,
PPP negotiation parameter

(12) CHAP authentication twice (challenge/response)

(10) Access request

(11) Acesss accept

(13) Access request

(14) Acesss accept

(8) Authentication passes

(15) Authentication passes

Remote system

Host A

LAC

Device A

LNS

Device B

LAC

RADIUS server

LNS

RADIUS server

The setup procedure of an L2TP call is as follows:

1.

The remote user (Host) makes a PPP call.

2.

The remote user and the LAC (Device A) perform PPP LCP negotiation.

3.

The LAC authenticates the remote user using the Password Authentication Protocol (PAP) or
Challenge Handshake Authentication Protocol (CHAP).