<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Layer 2 Tunnel Protocol (L2TP)" />
<meta name="abstract" content="Use this information to learn about creating a VPN connection to secure communications between your network and remote clients." />
<meta name="description" content="Use this information to learn about creating a VPN connection to secure communications between your network and remote clients." />
<meta name="DC.Relation" scheme="URI" content="rzajavpnprotocols.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajaremoteuser.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzajal2tpprotocol" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Layer 2 Tunnel Protocol (L2TP)</title>
</head>
<body id="rzajal2tpprotocol"><a name="rzajal2tpprotocol"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Layer 2 Tunnel Protocol (L2TP)</h1>
<div><p>Use this information to learn about creating a VPN connection to
secure communications between your network and remote clients.</p>
<p>Layer 2 Tunneling Protocol (L2TP) connections, which are also called virtual
lines, provide cost-effective access for remote users by allowing a corporate
network server to manage the IP addresses assigned to its remote users. Further,
L2TP connections provide secure access to your system or network when you
use them in conjunction with IP Security (IPSec).</p>
<p>L2TP supports two tunnel modes: the voluntary tunnel and the compulsory
tunnel. The major difference between these two tunnel modes is the endpoint.
A voluntary tunnel ends at the remote client, whereas a
compulsory tunnel ends at the ISP.</p>
<p>With an L2TP <span class="uicontrol">compulsory tunnel</span>, a remote host initiates
a connection to its Internet Service Provider (ISP). The ISP then establishes
an L2TP connection between the remote user and the corporate network. Although
the ISP establishes the connection, you decide how to protect the traffic
by using VPN. With a compulsory tunnel, the ISP must support L2TP.</p>
<p>With an L2TP <span class="uicontrol">voluntary tunnel</span>, the connection is
created by the remote user, typically by using an L2TP tunneling client. As
a result, the remote user sends L2TP packets to its ISP, which forwards them
on to the corporate network. With a voluntary tunnel, the ISP does not need
to support L2TP. The scenario, Protect an L2TP voluntary tunnel with IPSec,
provides you with an example of how to configure a branch office system to
connect to its corporate network through a gateway system with an L2TP tunnel
protected by VPN.</p>
<p>You can view a visual presentation about the concept of <a href="rzajal2tp_pres_wrapper.htm">L2TP voluntary tunnels protected
by IPSec</a>. This requires the <a href="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" target="_blank">Flash plug-in</a>. Alternatively, you can use the <a href="rzajal2tp_pres.htm">HTML version</a> of this presentation.</p>
<p>L2TP is actually a variation of an IP encapsulation protocol. The L2TP
tunnel is created by encapsulating an L2TP frame inside a User Datagram Protocol
(UDP) packet, which in turn is encapsulated inside an IP packet. The source
and destination addresses of this IP packet define the endpoints
of the connection. Because the outer encapsulating protocol is IP, you can
apply IPSec protocols to the composite IP packet. This protects the data that
flows within the L2TP tunnel. You can then apply Authentication Header (AH),
Encapsulating Security Payload (ESP), and the Internet Key Exchange (IKE) protocol
in a straightforward way.</p>
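<p>The layering described above can be checked on captured traffic. The following is an added example, not part of the original IBM documentation: it walks the outer IPv4 header of a packet and reports whether the L2TP tunnel is visible in the clear or hidden inside IPSec. UDP port 1701 and the L2TP header bit layout are taken from RFC 2661 rather than from this page, and the packets, addresses, tunnel ID 7 and session ID 3 are constructed sample values.</p>

```python
import struct

L2TP_PORT = 1701                       # registered UDP port for L2TP (RFC 2661)
PROTO_UDP = 17
IPSEC = {50: "ipsec-esp", 51: "ipsec-ah"}   # ESP can encrypt; AH only authenticates

def bit(value, n):                     # bit n of value, 0 = least significant
    return (value >> n) % 2

def parse_l2tp(payload):
    """Parse the L2TPv2 header that starts a UDP payload (RFC 2661 layout)."""
    flags, = struct.unpack_from("!H", payload, 0)
    hdr = {"type": "control" if bit(flags, 15) else "data", "version": flags % 16}
    off = 2
    if bit(flags, 14):                 # L bit: Length field present
        hdr["length"], = struct.unpack_from("!H", payload, off)
        off += 2
    hdr["tunnel_id"], hdr["session_id"] = struct.unpack_from("!HH", payload, off)
    off += 4
    if bit(flags, 11):                 # S bit: Ns and Nr sequence numbers present
        off += 4
    if bit(flags, 9):                  # O bit: Offset Size field, then padding
        pad, = struct.unpack_from("!H", payload, off)
        off += 2 + pad
    hdr["inner"] = payload[off:]       # tunnelled frame, readable by any observer
    return hdr

def classify(ip_packet):
    """Report how the outer IPv4 packet carries (or hides) the tunnel."""
    ihl, proto = (ip_packet[0] % 16) * 4, ip_packet[9]   # header length, protocol
    if proto in IPSEC:
        return (IPSEC[proto], None)    # with ESP the UDP and L2TP headers are hidden
    if proto == PROTO_UDP:
        sport, dport = struct.unpack_from("!HH", ip_packet, ihl)
        if L2TP_PORT in (sport, dport):
            return ("cleartext-l2tp", parse_l2tp(ip_packet[ihl + 8:]))
    return ("other", None)

def ipv4(proto, payload):
    """Constructed IPv4 header (documentation addresses, checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 1])) + payload

def sample_packets():                  # constructed: bare L2TP data message, ESP packet
    ppp = b"\xff\x03\xc0\x21"          # start of a PPP frame, the L2TP payload
    l2tp = struct.pack("!HHHH", 0x4002, 8 + len(ppp), 7, 3) + ppp
    udp = struct.pack("!HHHH", 1701, 1701, 8 + len(l2tp), 0) + l2tp
    esp = struct.pack("!II", 0x1001, 1) + bytes(16)   # SPI, sequence, opaque body
    return ipv4(PROTO_UDP, udp), ipv4(50, esp)
```

<p>A result of <code>cleartext-l2tp</code> means the tunnel and session identifiers and the tunnelled frame are exposed on the path, which is the case the IPSec protection described above is meant to prevent.</p>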
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajavpnprotocols.htm" title="It is important that you have at least a basic knowledge of standard VPN technologies. This topic provides you with conceptual information about the protocols VPN uses in its implementation.">VPN concepts</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzajaremoteuser.htm" title="In this scenario, you learn how to set up a connection between a branch office host and a corporate office that uses L2TP protected by IPSec. The branch office has a dynamically assigned IP address, while the corporate office has a static, globally routable IP address.">Scenario: Protect an L2TP voluntary tunnel with IPSec</a></div>
</div>
</div>
</body>
</html>