Manualshelf

- Patton Electronics Server User Manual

ManualsBrandsPatton electronic ManualsServer29XX
291292293294295296297298299300
Introduction 291
Access Server Administrators’ Reference Guide 24 • Layer 2 Tunneling Protocol (L2TP)
Introduction
This chapter explains the operation of the L2TP feature on the Patton Electronics Remote Access Servers. This
feature has been introduced into the Patton RAS line with the 3.8.4 software release.
The L2TP Software supports the following features:
Shared Tunnel Support
If multiple clients requests an L2TP Tunnel to the same LNS, they will use the same tunnel
Multiple Tunnel Support
If a client requests a connection to a new L2TP Tunnel then a new tunnel will be established.
Keep Alive Messages
Full Challenge and Challenge Response check for each tunnel authentication request
Hostname verification supported when configured for authentication-ID support
Packet sequence checking and support
No AVP Hiding supported
CPU Idle Time available to the web interface on the Home Page
LNS IP Address displayed on the dialin-all web interface page
Tunnel Id displayed on the dialin-all web interface page.
L2TP provides a means of "backhauling" the PPP connection from the local RAS device, which will provide
the physical work on terminating the phone call, and the Access Server which will authenticate the call. The
RAS will be acting a LAC (L2TP Access Concentrator) in this application. A seperate device, typically a Cisco
router, will be acting as the LNS (L2TP Network Server).
L2TP Configuration
The Patton Electronics' Remote Access Server can be configured to initiate an L2TP tunnel using either Static
Authentication or RADIUS Authentication. The following information defines the configuration and the fea
-
tures which are available.
Static Authentication
The user has the ability to initiate an L2TP tunnel for a dialed in user based on a staticly configured username.
This is done by configuring the service for "VPN" and defining the IP Address of the LNS as the Service IP.
It is important to note that when configuring the device using static authentication neither the hostname veri-
fication or password protection is enabled on the link.