3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

8 CONFIGURATION OF L2TP

Introduction to L2TP Protocol
VPDN Overview
Virtual Private Dial Network (VPDN) is a virtual private network implemented
by employing the dial-up function of public networks (e.g. ISDN and PSDN) and
access networks, thus providing access service for enterprises, small ISPs and
mobile business users.
VPDN sets up secure virtual private networks over public networks for enterprises
by using dedicated network encryption protocols. In this way, overseas agencies
and traveling staff of an enterprise can access the headquarters' network through
encrypted virtual tunnels over public networks, while other users of the
public networks cannot reach the internal resources of the enterprise network
through those virtual tunnels.
There are two VPDN implementation approaches:
1 The NAS sets up a tunnel with the VPDN gateway by using a tunneling protocol. In
this way, users' PPP connections are connected directly to the enterprise's gateway.
The protocols available now are L2F and L2TP. This approach has many
advantages: the tunnel setup process is transparent to users, network access
requires only one login, user authentication and address assignment are performed
by the enterprise network without occupying public addresses, and a wide
range of platforms is supported for network access. It requires, however: a) a NAS
that supports the VPDN protocol, b) an authentication system that supports VPDN
attributes, and c) a router or special VPN server working as the gateway.
2 The client sets up a tunnel with the VPDN gateway. In this way, the client first
creates a connection with the Internet, and then sets up a tunnel with the gateway
by using special client software (e.g. the L2TP client supported by Win2000). This
approach allows users to access the network by whatever means are available and
from wherever they are, without the intervention of the ISP. The drawback is the
platform limitation: users need to install special software (usually on the
Win2000 platform).
There are three types of VPDN tunneling protocols: PPTP, L2F, and L2TP, with L2TP
being the most popular.
Introduction to L2TP Protocol
Protocol background
PPP defines an encapsulation technology that allows various kinds of data packets
to be transmitted over layer 2 point-to-point links. PPP runs between the user
and the NAS, with the endpoint of the layer 2 link and the endpoint of the PPP
session residing on the same hardware device.