Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Example: L2TP Tunnel Switching

 

This example shows the elements required to support L2TP tunnel switching.

Requirements

This example uses the following hardware and software components:

  • Two MX Series routers, each with one or more MPCs.

  • Junos OS Release 13.2.

Before you [taskdescription], be sure you have:

Overview

Topology

Configuration

To configure [item], perform these tasks:

CLI Quick Configuration

Configuring the L2TP Tunnel Switch Profile

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For instructions on how to do that, see Using the CLI Editor in Configuration Mode.

To configure the L2TP tunnel switch profile on the LTS:

  1. Create the tunnel switch profile.
  2. Specify how the LTS handles AVPs received from a LAC.
  3. Specify the tunnel profile that defines the tunnel to which traffic is switched.

Configuring the LNS on the L2TP Tunnel Switch

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For instructions on how to do that, see Using the CLI Editor in Configuration Mode.

To configure the LTS as an LNS:

  1. Enable inline services on an MPC.
  2. Configure the anchor service interface.
  3. Configure the peer interface to terminate the tunnel and the PPP server-side IPCP address (loopback address).
  4. Configure a dynamic profile that dynamically creates L2TP logical interfaces for the subscribers.
  5. Configure the RADIUS server.
  6. Configure a AAA access profile to override the global access profile for the order of AAA authentication methods and server attributes.
  7. Configure a user group profile that defines the PPP configuration for tunnel subscribers.
  8. Configure an L2TP access profile that associates a user group profile with the client and defines the L2TP parameters.
  9. Configure an address pool to allocate addresses for the client LACs.

  10. Configure the L2TP tunnel group.
  11. Specify the access profile.

Configuring the LAC on the L2TP Tunnel Switch

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For instructions on how to do that, see Using the CLI Editor in Configuration Mode.

To configure the LAC:

  1. Define a tunnel profile to specify a set of attributes that characterize the tunnel created by the LAC.
  2. Specify an identifier (name) for the L2TP control connection for the tunnel.
  3. Configure the preference level for the tunnel. (Tunnel-Preference [83])
  4. Configure the IP address of the local L2TP tunnel endpoint, the LAC. (Tunnel-Client-Endpoint [66])
  5. Configure the hostname of the local client (LAC). (Tunnel-Client-Auth-Id [90])
  6. Configure the IP address of the remote L2TP tunnel endpoint, the LNS. (Tunnel-Server-Endpoint [67])
  7. Configure the hostname of the remote server (LNS). (Tunnel-Server-Auth-Id [91])
  8. Configure the password for remote server authentication. (Standard RADIUS attribute Tunnel-Password [69] or VSA Tunnel-Password [26-9])
  9. Configure the assignment ID for the tunnel. (Tunnel-Assignment-Id [82])
  10. Configure the maximum number of sessions allowed in the tunnel. (Tunnel-Max-Sessions [26-33])
  11. Configure the tunnel switch profile in the domain map.
  12. Configure the peer interface to originate the tunnel.

Results

Verification

Verifying [item]

Purpose

Action

Meaning

Troubleshooting

To troubleshoot [item], perform these tasks:

Troubleshooting [item]

Problem

Solution

Related Documentation