Lucent Technologies 6000 User Manual
11-2
MAX 6000/3000 Network Configuration Guide
Setting Up Virtual Private Networks
Configuring ATMP tunnels
Configuring ATMP tunnels
Configuring ATMP tunnels
ATMP is a UDP/IP-based protocol for tunneling between two MAX units across an IP
network. Data is transported through the tunnel in Generic Routing Encapsulation (GRE), as
described in RFC 1701. (For a complete description of ATMP, see RFC 2107, Ascend Tunnel
Management Protocol - ATMP.)
network. Data is transported through the tunnel in Generic Routing Encapsulation (GRE), as
described in RFC 1701. (For a complete description of ATMP, see RFC 2107, Ascend Tunnel
Management Protocol - ATMP.)
This section describes how ATMP tunnels work between two MAX units. One of the units acts
as a Foreign Agent (typically a local ISP) and one as a Home Agent (which can access the
home network). A mobile client dials into the Foreign Agent, which establishes a
cross-Internet IP connection to the Home Agent. The Foreign Agent then requests an ATMP
tunnel on top of the IP connection. The Foreign Agent must use RADIUS to authenticate
mobile client dial-ins.
as a Foreign Agent (typically a local ISP) and one as a Home Agent (which can access the
home network). A mobile client dials into the Foreign Agent, which establishes a
cross-Internet IP connection to the Home Agent. The Foreign Agent then requests an ATMP
tunnel on top of the IP connection. The Foreign Agent must use RADIUS to authenticate
mobile client dial-ins.
The Home Agent is the terminating part of the tunnel and provides most of the ATMP
intelligence. It must be able to communicate with the home network (the destination network
for mobile clients) through a direct connection, another router, or across a nailed connection.
intelligence. It must be able to communicate with the home network (the destination network
for mobile clients) through a direct connection, another router, or across a nailed connection.
For example, in Figure 11-1, the mobile node might be a sales person who logs into an ISP to
access his or her home network. The ISP is the Foreign Agent. The Home Agent has access to
the home network.
access his or her home network. The ISP is the Foreign Agent. The Home Agent has access to
the home network.
Figure 11-1. ATMP tunnel across the Internet
How the MAX creates ATMP tunnels
The MAX establishes an ATMP connection as follows:
1
A mobile client dials a connection to the Foreign Agent.
2
The Foreign Agent uses a RADIUS profile to authenticate the mobile client.
The MAX, configured as a Foreign Agent, requires RADIUS authentication of the mobile
client, because only RADIUS supports the required attributes.
client, because only RADIUS supports the required attributes.
3
The Foreign Agent uses the Ascend-Home-Agent-IP-Addr attribute in the mobile client’s
RADIUS profile to locate a Connection profile (or RADIUS profile) for the Home Agent.
RADIUS profile to locate a Connection profile (or RADIUS profile) for the Home Agent.
4
The Foreign Agent dials the Home Agent, and authenticates and establishes an IP
connection in the usual way.
connection in the usual way.
5
The Foreign Agent informs the Home Agent that the mobile client is connected, and
requests a tunnel. The Foreign Agent sends up to 10 RegisterRequest messages at
requests a tunnel. The Foreign Agent sends up to 10 RegisterRequest messages at
MAX
Foreign Agent
Foreign Agent
MAX
Home Agent
Home Agent
IP network
RADIUS
Home network
Mobile client
ATMP tunnel