C613-16070-00 REV B

www.alliedtelesis.com

Introduction

This document covers a range of examples on how to configure Allied Telesis and Cisco routers

to interoperate over Layer 2 Tunnelling Protocol (L2TP). The two main components that make

up L2TP are the L2TP Access Concentrator (LAC), which is the device that physically terminates

a call and the L2TP Network Server (LNS), which is the device that terminates and potentially

authenticates the PPP stream.

What information will you find in this document?

This document contains the following sections:

• Example 1 - Cisco as LAC, Allied Telesis router as LNS, no RADIUS, on page 2

• Example 2 - Cisco as LAC, Allied Telesis router as LNS, using RADIUS to pass L2TP

parameters to the LAC, on page 4

• Example 3 - Cisco as LNS, Allied Telesis router as LAC, on page 7

• Example 4 - Cisco and Allied Telesis router as peers over a Virtual tunnel, on page 9

Which products and software versions does this information apply to?

•

Products:

Rapier, AT-8800, AT-8900, AT-9900, AT-9800 and SwitchBlade series switches

AR400 and AR700 series routers

• Software versions: 2.7.1 and later

Configure Allied Telesis and Cisco routers to

interoperate over L2TP

How To |

Configure Allied Telesis and Cisco routers to interoperate over L2TP 2

Example 1 - Cisco as LAC, Allied Telesis router as LNS, no

RADIUS

In this example the LAC is configured with a Virtual Private Dial-up Network (VPDN) group, which

specifies the IP address of the LNS and the L2TP username, and is associated with a matching entry

in the user database containing the password to send to the LNS for L2TP authentication.

Some points to note:

a On the Client router:

In this particular setup it is not really necessary to configure a username with a domain suffix as

it is being authenticated locally by the LNS rather than by RADIUS.

b On the LAC:

Under "vpdn-group 1" the local name "lac" is what the router will send to the LNS as its L2TP

username. If no local name is configured the router’s hostname will be used instead.

c On the LNS:

Allied Telesis routers do not have an equivalent to Cisco’s "local name" command. The system

name of the Allied Telesis router is always used as the L2TP username

Client Router Configuration

set system name="user"

add isdn call=l2tp number=12345 precedence=out

create ppp=0 idle=60 over=isdn-l2tp

set ppp=0 iprequest=on username="username@domain.com" password="password"

enable ip

enable ip remote

add ip int=ppp0 ip=0.0.0.0

add ip int=eth0 ip=192.168.1.1

Host

Client Router

Cisco LAC

AR Router LNS

ISDN

eth0

BRI0