Posted by . on February 22, 2008, 3:52 am
> Hi,
>
> Your answer confirms what I am starting to think about what I have read the
> last hours (http://www.redbooks.ibm.com/redbooks/pdfs/sg242580.pdf ~ page
> 177 and on)
> I want to dig into VPN. ... and started with RFC (?).
> There (in the RFC) almost is the LAC at ISP configuration described and I
> asked myself what I would have to do (call my ISP ?).
> Seems to be "compulsory tunnel".
> Maybe this config is of "earlier times", or has some special features (like
> dedicated bandwidth with tunnel over ATM or has some security advantages
> (?).).
> I feel very sure this was a "product one could buy from his ISP".
>
> The other, "voluntary tunnel", was in my focus, because from my eye I am a
> theoretical remote user with DSL (PPPoE - connection to ISP), but this isn't
> easy to find in RFC.
> And at least the Windows client is able to connect via L2TP (has the LAC in
> it, I think).
>
> still at the very surface ...
> Thanx + regards
> jk
>
>
> >>> There's not much point in the ISP initiating the tunnel at their LAC
> >>> if there's not something at the remote network end to terminate that
> >>> tunnel...
>
> >>You are right, I forgot the LNS
> >>But again : If I would or would have to work with this config:
> >>-Must I ask in this case whether the ISP has a "LAC" capable device
> >>(normally I would assume a DSLAM or else for the endpoint of my dial up
> >>connection) ? to create a tunnel to "my" LNS ?
>
> > Not sure what the question is here. In this model of you connecting to
> > an ISP, and the ISP auto-tunneling your traffic, yes, the ISP would
> > have to have a RAS/BRAS device capable of being an L2TP LAC. That in
> > turn would identify your clients dialing in and auto-starting the
> > tunnel for that user to the LNS.
>
> >>-"My" LNS, must this be connected by a fixed / leased line ? Or must it
> >>just typically have a constant IP address ?
>
> > It can be anywhere you have IP connectivity to. Policies of the
> > service the ISP offering you L2TP services may dictate what they
> > consider reasonable for connection back to your LNS. The L2TP
> > tunnelling all happens on the layer-3 IP layer though.
>
> > A fixed IP address is pretty much a given for the LNS end.
>
> > The other model you originally mentioned last in your first post with
> > an onsite CPE user device being a LAC to initiate the tunnel across
> > the Net doesn't require the ISP's involvement in any fashion whatsoever.
L2TP quick flash tutorial:
http://secure-vpn.com/PPTP-L2TP.rar