Lucent Technologies 6000 User Manual
11-44
MAX 6000/3000 Network Configuration Guide
Setting Up Virtual Private Networks
Using Tunnel Options to support tunneling protocols
Using Tunnel Options to support tunneling protocols
Using DNS list attempts for L2F and L2TP
A MAX unit functioning as an L2F Network Access Server (NAS) or an L2TP Access
Concentrator (LAC) can execute a series of connection attempts based on a list of IP addresses.
Concentrator (LAC) can execute a series of connection attempts based on a list of IP addresses.
In a configuration requiring the Layer 2 Forwarding (L2F), the MAX unit functions as an L2F
Network Access Server (NAS). In a configuration requiring the Layer 2 Tunneling Protocol
(L2TP), the unit functions as an L2TP Access Concentrator (LAC). On the network side of the
L2F tunnel, the MAX unit can serve as the L2F Endpoint. On the network side of the L2TP
tunnel, the unit can serve as the L2TP Network Server (LNS).
Network Access Server (NAS). In a configuration requiring the Layer 2 Tunneling Protocol
(L2TP), the unit functions as an L2TP Access Concentrator (LAC). On the network side of the
L2F tunnel, the MAX unit can serve as the L2F Endpoint. On the network side of the L2TP
tunnel, the unit can serve as the L2TP Network Server (LNS).
If your DNS server is capable of returning a list of IP addresses for a specified hostname, you
can configure the MAX unit to attempt to establish a tunnel to each one of the IP addresses in
sequence. If the unit cannot establish a tunnel to the first IP address in the list, it attempts to
connect to the next address in the list, and so on, until a tunnel is successfully established, the
DNS list has no more IP addresses, or the connection times out.
can configure the MAX unit to attempt to establish a tunnel to each one of the IP addresses in
sequence. If the unit cannot establish a tunnel to the first IP address in the list, it attempts to
connect to the next address in the list, and so on, until a tunnel is successfully established, the
DNS list has no more IP addresses, or the connection times out.
To enable the DNS list attempts feature in a RADIUS profile, you must set the
Tunnel-Server-Endpoint (67) attribute to specify the name of a DNS-resolvable server. For
example:
Tunnel-Server-Endpoint (67) attribute to specify the name of a DNS-resolvable server. For
example:
Tunnel-Server-Endpoint = tunnel-server.company.com
Or you can dedicate a WAN line to a given L2TP or L2F server through the L2 Tunneling
Options. For example:
Options. For example:
L2 Tunneling Options...
Line 1 tunnel = L2TP
Route Line 1 = lns.example.com
In this example, the WAN line is dedicated to an L2TP tunnel routed to the
lns.example.com
lns.example.com
server.
Using Tunnel Options to support tunneling protocols
Each Connection profile in the MAX VT100 interface includes a Tunnel Options subprofile,
which contains 11 parameters. You can now configure Connection profiles to accept calls that
use the following tunneling protocols:
which contains 11 parameters. You can now configure Connection profiles to accept calls that
use the following tunneling protocols:
•
Ascend Tunnel Management Protocol (ATMP)
•
Layer-2 Forwarding (L2F)
•
Layer-2 Tunneling Protocol (L2TP)
•
Point-to-Point Tunneling Protocol (PPTP)
The Tunnel Options subprofile provides you with 11 parameters, as shown in the following
example:
example:
Ethernet
Connections
maxprofile
Tunnel options...
Profile type=Mobile-client
Tunnel protocol=L2TP
Max tunnels=N/A