To configure L2TP on a routing instance

Note: For most parameters in this procedure, you can specify that the parameter value is inherited from the parent L2TP configuration using the Inherit Value parameter.

If you disable value inheritance for a parameter, the available options are restricted, based on the parent parameter value and the protocol functionality. For example, if a parameter in the global-level L2TP configuration is set to True, the only available option for the same parameter in the tunnel group profile-level L2TP configuration is False, unless a value of False violates a protocol rule, in which case the only available option is True.

The parameters that you configure for a L2TP tunnel group profile take precedence over the parameters that are configured for global-level L2TP.

Steps
 

In the navigation tree Routing view, expand Network→NE→Routing Instance→L2TP.

Right-click on the L2TP icon and choose Properties. The L2TP Site (Edit) form opens.

Configure the required parameters.

Select an L2TP Accounting Policy next to the RADIUS Accounting Policy field. See To configure an L2TP RADIUS accounting policy for information on creating an L2TP RADIUS Accounting Policy.

On the Failover Information panel, configure the failover recovery parameters, as required.

All tunnel group profiles and tunnel profiles configured on the L2TP site can be configured to inherit the failover recovery information specified here, or they can be configured individually with local failover recovery information.

Click on the Tunnel Selection Blacklist tab and configure the required parameters.

Click on the L2TPv3 tab to configure L2TPv3 support on the L2TP site.

Configure the required parameters.

To create a tunnel group profile:

If you are modifying an existing tunnel group profile, you can manually update the Tunnel Instance Endpoints list for the L2TP site after saving your changes. See Step 11 .

  1. Click on the Tunnel Group Profiles tab and click Create. The L2TP Tunnel Group Profile (Create) form opens.

  2. Select the L2TP Protocol Version in the Identification panel. Different tabs and parameters are available based on the L2TP protocol version.

  3. Configure the required L2TPv2 parameters.

    1. To generate operational L2TPv2 tunnels, a start operation must be performed on the L2TP tunnel on the LAC NE. You can also perform a start operation from a tunnel profile on the LNS.

      Failover recovery information can be configured locally or inherited from the parent L2TP site.

    2. Select an LNS group in the LNS Group ID panel.

      You must choose an LNS group for the tunnel group profile or tunnel profile of the site that acts as the LNS.

    3. Select a RADIUS accounting policy in the L2TP Radius Accounting Policy panel.

  4. Configure the required parameters in the L2TPv3 tab if L2TPv3 is chosen.

    When a tunnel group is established, the L2TPv3 Ethernet Sessions tab will list a single item.

To configure PPP on an L2TPv2 tunnel group profile:

PPP is required only for LNS L2TP tunnel group profiles and L2TP tunnel profiles.

  1. Click on the PPP tab and configure the required parameters.

  2. Configure the CHAP challenge length parameters, as required.

  3. Select an authentication policy in the Authentication Policy panel.

  4. If you did not choose an authentication policy in 3 , select a user database in the User Database panel.

  5. Select a default service ID in the Default Service ID panel.

  6. Select a default group interface in the Default Group Interface panel.

10 

To configure a tunnel profile on the L2TP tunnel group profile:

If you are modifying an existing tunnel profile, you can manually update the Tunnel Instance Endpoints list for the L2TP site after saving your changes. See Step 11 .

  1. Click on the Tunnel Profiles tab and click Create. The L2TP Tunnel Profile (Create) form opens.

    Failover recovery information can be configured locally or inherited from the parent tunnel group profile.

  2. Configure the v2 parameters as required:

    1. Select an LNS group in the LNS Group ID panel.

      You must choose an LNS group for the tunnel group profile or tunnel profile of the site that acts as the LNS.

    2. Click Select in the L2TP Radius Accounting Policy panel and choose a RADIUS accounting policy from the Select L2TP RADIUS Accounting Policy form.

    3. Click on the PPP tab and repeat Step 9 to configure PPP on the L2TP tunnel profile, as required.

    4. You only configure PPP for LNS L2TP tunnel group profiles and L2TP tunnel profiles.

      The values for the MTU, Keep-Alive Interval, Keep-Alive Multiplier, and CHAP Challenge Length Min and Max parameters can be inherited from the parent tunnel group profile.

    5. Click on the MLPPP tab and configure the required parameters.

      When Inherit from Tunnel Group Profile beside a parameter is enabled, the parameter value from the tunnel group profile is used. You must disable Inherit from Tunnel Group Profile beside a parameter before you can configure the parameter.

  3. Save your changes and close the forms.

11 

If the tunnel group profiles or tunnel profiles for the L2TP site have been modified, you can update the Tunnel Instance Endpoints list for the L2TP site.

Perform the following steps:

  1. Click on the Tunnel Instance Endpoints tab.

  2. Click Resync Tunnel Instance Endpoints. A warning message window opens.

  3. Click Yes.

12 

To configure an L2TP failover SRRP peer site:

Perform the following steps:

  1. Click on the Failover SRRP Peers tab.

  2. Click Create or select an existing L2TP peer and click Properties. The L2TP Failover SRRP Peer (Create|Edit) form opens.

  3. Select a peer address.

  4. Select a Track SRRP Instance.

  5. Configure the Sync Tag parameter.

  6. Save your changes and close the form.

13 

Save your changes and close the form.

End of steps