Configuring atmp tunnels, How the max creates atmp tunnels, Configuring atmp tunnels -2 – Lucent Technologies 6000 User Manual

Page 436: How the max creates atmp tunnels -2, Figure 11-1 atmp tunnel across the internet -2

Advertising
background image

11-2

MAX 6000/3000 Network Configuration Guide

Setting Up Virtual Private Networks
Configuring ATMP tunnels

Configuring ATMP tunnels

ATMP is a UDP/IP-based protocol for tunneling between two MAX units across an IP
network. Data is transported through the tunnel in Generic Routing Encapsulation (GRE), as
described in RFC 1701. (For a complete description of ATMP, see RFC 2107, Ascend Tunnel
Management Protocol - ATMP.)

This section describes how ATMP tunnels work between two MAX units. One of the units acts
as a Foreign Agent (typically a local ISP) and one as a Home Agent (which can access the
home network). A mobile client dials into the Foreign Agent, which establishes a
cross-Internet IP connection to the Home Agent. The Foreign Agent then requests an ATMP
tunnel on top of the IP connection. The Foreign Agent must use RADIUS to authenticate
mobile client dial-ins.

The Home Agent is the terminating part of the tunnel and provides most of the ATMP
intelligence. It must be able to communicate with the home network (the destination network
for mobile clients) through a direct connection, another router, or across a nailed connection.

For example, in Figure 11-1, the mobile node might be a sales person who logs into an ISP to
access his or her home network. The ISP is the Foreign Agent. The Home Agent has access to
the home network.

Figure 11-1. ATMP tunnel across the Internet

How the MAX creates ATMP tunnels

The MAX establishes an ATMP connection as follows:

1

A mobile client dials a connection to the Foreign Agent.

2

The Foreign Agent uses a RADIUS profile to authenticate the mobile client.

The MAX, configured as a Foreign Agent, requires RADIUS authentication of the mobile
client, because only RADIUS supports the required attributes.

3

The Foreign Agent uses the Ascend-Home-Agent-IP-Addr attribute in the mobile client’s
RADIUS profile to locate a Connection profile (or RADIUS profile) for the Home Agent.

4

The Foreign Agent dials the Home Agent, and authenticates and establishes an IP
connection in the usual way.

5

The Foreign Agent informs the Home Agent that the mobile client is connected, and
requests a tunnel. The Foreign Agent sends up to 10 RegisterRequest messages at

MAX
Foreign Agent

MAX
Home Agent

IP network

RADIUS

Home network

Mobile client

ATMP tunnel

Advertising
This manual is related to the following products:

3000

Popular Brands
Popular manuals