Cisco Cisco ASR 5700
APN Configuration Mode Commands
tunnel l2tp ▀
Command Line Interface Reference, StarOS Release 17 ▄
1469
Usage
This command can be used to configure the GGSN to tunnel subscriber traffic to one or more peer LNSs
using L2TP or L2TP with IPSec.
When using L2TP, the system functions as a L2TP access Concentrator (LAC) and tunnels traffic to a peer
L2TP Network Server (LNS). LAC functionality is supported through the configuration of LAC Services
defined in destination contexts configured on the system.
When using crypt-map policies, the system functions in the same fashion as with L2TP, with the exception
that the encapsulated L2TP traffic is further encrypted using IPSec. IPSec functionality is supported through
the definition of crypto maps configured in the same destination context as the LAC services.
A maximum of four LNS peers can be configured per APN. If no peer is specified, the system will use the
LAC Service(s) configured in the same destination context as the APN.
using L2TP or L2TP with IPSec.
When using L2TP, the system functions as a L2TP access Concentrator (LAC) and tunnels traffic to a peer
L2TP Network Server (LNS). LAC functionality is supported through the configuration of LAC Services
defined in destination contexts configured on the system.
When using crypt-map policies, the system functions in the same fashion as with L2TP, with the exception
that the encapsulated L2TP traffic is further encrypted using IPSec. IPSec functionality is supported through
the definition of crypto maps configured in the same destination context as the LAC services.
A maximum of four LNS peers can be configured per APN. If no peer is specified, the system will use the
LAC Service(s) configured in the same destination context as the APN.
Example
The following command configures L2TP support for the APN. It configures the APN to tunnel traffic to an
LNS with an IP address of 192.168.1.50 through a LAC service bound to an interface with an IP address
192.168.1.201 configured in a destination context on the system called pdn1. The shared secret between the
system and the LNS is 5496secRet. This will be the only LNS configured so the default preference of 1 will
not be changed.
LNS with an IP address of 192.168.1.50 through a LAC service bound to an interface with an IP address
192.168.1.201 configured in a destination context on the system called pdn1. The shared secret between the
system and the LNS is 5496secRet. This will be the only LNS configured so the default preference of 1 will
not be changed.
tunnel l2tp peer-address 192.168.1.50 secret 5496secRet tunnel-context
pdn1 local-address 192.168.1.201
pdn1 local-address 192.168.1.201