255
Both control messages and PPP frames are transferred on the tunnel. L2TP uses hello packets to
check a tunnel's connectivity. The LAC and the LNS regularly send hello packets to each other. If no
response packet is received within a given amount of time, the tunnel is torn down.
L2TP tunneling modes and tunnel establishment process
Three typical L2TP tunneling modes
Typical L2TP tunneling modes include the following:
• NAS-initiated—In Figure 91, a remote sys
tem dials in to the LAC through a PPPoE/ISDN
network, and the LAC initiates a tunneling request to the LNS over the Internet. The LNS
assigns a private IP address to the remote system. Authentication and accounting of the remote
system can be implemented on the LAC or on the LNS.
Figure 91 NAS-initiated tunneling mode
• Client-initiated—In Figure 92, after being permitted to access the Internet, a remote system
running the L2TP client application (LAC client) directly initiates a tunneling request to the LNS
without any dedicated LAC device. The LNS assigns the LAC client a private IP address.
A LAC client needs a public network address to communicate with the LNS through the
Internet.
Figure 92 Client-initiated tunneling mode
• LAC-auto-initiated—In NAS-initiated mode, a remote system must successfully dial in to the
LAC through PPPoE or ISDN to trigger the LAC to initiate a tunneling request to the LNS.
In LAC-auto-initiated mode, you can create a virtual PPP user and use the l2tp-auto-client
enable command on the LAC. Then, the LAC automatically initiates a tunneling request to the
LNS to establish an L2TP tunnel for the virtual PPP user. When a remote system accesses the
internal network, the LAC forwards data through the L2TP tunnel. In this mode, the connection
between a remote system and the LAC is not confined to a dial-up connection and can be any
IP-based connection.
Figure 93 LAC-auto-initiated tunneling mode
To Next Page
Loading...
Need help?
General
