2 l2tp tunnel session setup, 2 l2tp tunnel session setup -5 – Panasonic NN46240-710 User Manual

Nortel Secure Router 8000 Series

Troubleshooting - VPN___________

1 L2TP troubleshooting

1.1.2 L2TP tunnel session setup

Figure 1-2 shows the process for setting up an L2TP tunnel.

Figure 1-2 The process ^ow for setting up an L2TP tunnel

PC

9

LAC

RouterA

LAC

RADIUS Server

LNS

RouterB

LNS

RADIUS Server

(1) call setup

(2) PPP LCP setup

(3) PAP or CHAP

authentication

f

(4) access request

(5) access accept

(6) tunnel establish

(7) PAP or CHAP authentication

(challenge/response)

(8) authentication passes

(9) user CHAP response, PPP

negotiation parameter

(12) CHAP authentication twice(chaNenge/response)

(15) authentication passes

I

(10) access request

(11) access accept

(13) access request

(14) access accept

The procedure for setting up an L2TP tunnel is as follows:

1.

The PC on the user side sends a connection request.

2.

The PC and LAC device (Router A) negotiate the PPP LCP.

3.

LAC carries out PAP or CHAP authentication based on the information from the PC.

4.

LAC sends an access request with the VPN user name and password to the RADIUS
server for identity authentication.

5.

The RADIUS server authenticates this user and sends an access accept message, such as

the LNS address. After the authentication succeeds, LAC is ready to start a new tunnel
request.

6.

LAC makes a tunnel request to the LNS specified by the RADIUS server.

7.

LAC informs LNS of a CHAP challenge, and LNS sends a CHAP response and its
CHAP challenge. LAC then sends back a CHAP response.

8.

The authentication succeeds.

9.

LAC transmits the information about the CHAP response, response identifier, and PPP

negotiation parameters to LNS.

Issue 5.3 (19 January 2009)

Nortel Networks Inc.

1-3