Funkwerk bintec R230a User manual
Copyright ©April 20, 2006 Funkwerk Enterprise Communications GmbH
Version 2.0
User’s Guide
bintec R230a / R230aw / R232b / R232bw
L2TP
Purpose This document is part of the user’s guide to the installation and configuration of bintec gateways run-
ning software release 7.2.10 or later. For up-to-the-minute information and instructions concerning the
latest software release, you should always read our Release Notes, especially when carrying out a
software update to a later release level. The latest Release Notes can be found at www.funkwerk-
ec.com.
Liability While every effort has been made to ensure the accuracy of all information in this manual, Funkwerk
Enterprise Communications GmbH cannot assume liability to any party for any loss or damage caused
by errors or omissions or by statements of any kind in this document and is only liable within the scope
of its terms of sale and delivery.
The information in this manual is subject to change without notice. Additional information, changes and
Release Notes for bintec gateways can be found at www.funkwerk-ec.com.
As multiprotocol gateways, bintec gateways set up WAN connections in accordance with the system
configuration. To prevent unintentional charges accumulating, the operation of the product should be
carefully monitored. Funkwerk Enterprise Communications GmbH accepts no liability for loss of data,
unintentional connection costs and damages resulting from unsupervised operation of the product.
Trademarks bintec and the bintec logo are registered trademarks of Funkwerk Enterprise Communications GmbH.
Other product names and trademarks mentioned are usually the property of the respective companies
and manufacturers.
Copyright All rights are reserved. No part of this publication may be reproduced or transmitted in any form or by
any means – graphic, electronic, or mechanical – including photocopying, recording in any medium,
taping, or storage in information retrieval systems, without the prior written permission of Funkwerk En-
terprise Communications GmbH. Adaptation and especially translation of the document is inadmissible
without the prior consent of Funkwerk Enterprise Communications GmbH.
Guidelines and standards bintec gateways comply with the following guidelines and standards:
R&TTE Directive 1999/5/EG
CE marking for all EU countries and Switzerland
You will find detailed information in the Declarations of Conformity at www.funkwerk-ec.com.
How to reach Funkwerk
Enterprise Communications
GmbH
Funkwerk Enterprise Communications GmbH
Suedwestpark 94
D-90449 Nuremberg
Germany
Telephone: +49 180 300 9191 0
Fax: +49 180 300 9193 0
Internet: www.funkwerk-ec.com
Bintec France
6/8 Avenue de la Grande Lande
F-33174 Gradignan
France
Telephone: +33 5 57 35 63 00
Fax: +33 5 56 89 14 05
Internet: www.bintec.fr
L2TP bintec User’s Guide 1
1L2TP Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2Static settings Submenu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
3Tunnel profiles Submenu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Index: L2TP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2 bintec User’s Guide L2TP
L2TP bintec User’s Guide 3
L2TP Menu 1
1L2TPMenu
The fields of the L2TP menu are described below.
The Layer 2 Tunneling Protocol allows tunneling PPP connections through a
UDP connection.
The bintec implementation covers the L2TP Network Server (LNS) functions as
well as the functions of a client L2TP Access Concentrator (LAC client). A client
LAC is able to locally encapsulate the PPP data in L2TP. Thus, it is possible to
use L2TP no matter how hosts in a LAN are connected to the gateway. Pres-
ently our gateways support L2TP tunnels over UDP connections only.
bintec gateways support the following two L2TP modes:
■L2TP LNS Mode: only for incoming connections
■L2TP LAC Mode: only for outgoing connections
To use L2TP a respective WAN Partner must be configured in the WAN
PARTNER ➜ADD/EDIT menu and the required option - PPP over L2TP (LNS
mode) or PPP over L2TP (LAC mode) - selected in the WAN partner’s
ADVANCED SETTINGS menu. It is also necessary to choose an L2TP TUNNEL
PROFILE. The list of profiles you can choose from is created in the L2TP menu
which is accessible from the Setup Tool main menu.
The L2TP menu contains the following submenus:
■STATIC SETTINGS
■TUNNEL PROFILES
R232bw Setup Tool Funkwerk Enterprise Communications GmbH
[L2TP]: L2TP Configuration MyGateway
Static settings
Tunnel profiles
EXIT
1
4 bintec User’s Guide L2TP
L2TP Menu
L2TP bintec User’s Guide 5
Static settings Submenu 2
2 Static settings Submenu
The fields of the STATIC SETTINGS menu are described below.
In the L2TP ➜STATIC SETTINGS menu basic options for the LNS (L2TP network
server) are configured.
The submenu STATIC SETTINGS offers the following configuration options:
Table 2-1: L2TP ➜STATIC SETTINGS
R232bw Setup Tool Funkwerk Enterprise Communications GmbH
[L2TP][STATIC]: L2TP Static Settings MyGateway
UDP port number for LNS mode 1701
Port usage for LNS mode floating
SAVE CANCEL
Field Description
UDP port number for LNS
mode
This is the port monitored by the LNS for
incoming L2TP tunnel connections. Available
values are all integers from 1to 65535, the
default value is 1701 as detailed in RFC 2661.
Port usage for LNS mode This parameter determines if the LNS will only
use the monitored port (UDP PORT NUMBER FOR
LNS MODE) as local source port for the L2TP
connection (single) or if it chooses one of the
available free ports (floating, default value).
2
6 bintec User’s Guide L2TP
Static settings Submenu
L2TP bintec User’s Guide 7
Tunnel profiles Submenu 3
3 Tunnel profiles Submenu
The fields of the TUNNEL PROFILES menu are described below.
The L2TP ➜TUNNEL PROFILES menu displays a list of all already configured tun-
nel profiles for L2TP connections.
The L2TP tunnel profiles are created or edited in the L2TP ➜TUNNEL PROFILES
➜ADD/EDIT submenu.
R232bw Setup Tool Funkwerk Enterprise Communications GmbH
[L2TP][TUNNEL PROFILES]: Configure L2TP tunnels MyGateway
Prfl Name Main Rem IP Add Rem port Rem Hostnm Loc Hostnm Password
l2tp1 80.80.80.80 1701 server client pwd
ADD DELETE EXIT
3
8 bintec User’s Guide L2TP
Tunnel profiles Submenu
Note the following when configuring server and client:
■On both sides (LAC and LNS) a tunnel profile has to be configured:
– On the LAC side (initiator) the respective L2TP tunnel profile is refer-
enced in the corresponding WAN partner and us used for setting up the
connection.
– On the LNS side (responder) the L2TP tunnel profile is used for accept-
ing the connection.
■(LAC only) fields are only to be configured on the LAC side.
It offers the following configuration options:
R232bw Setup Tool Funkwerk Enterprise Communications GmbH
[L2TP][TUNNEL PROFILES][ADD]: Configure L2TP tunnels MyGateway
Profile Name l2tp1
Local IP Address
Local UDP Port (LAC only) 0
Local Hostname
Remote IP addresses through Radius (LAC only) disabled
Remote IP Address - main (LAC only)
Remote IP Address - backup (LAC only)
Remote UDP Port (LAC only) 1701
Remote Hostname
Tunnel Password
Hello Interval 30
Data Packets Sequence Numbers disabled
Minimum Time Between Retries 1
Maximum Time Between Retries 16
Maximum Retry Count 5
SAVE CANCEL
Field Description
Profile Name Here you can enter a description for the current
profile.
The gateway automatically numbers the pro-
files "l2tp..", but this value can be changed.
L2TP bintec User’s Guide 9
Tunnel profiles Submenu 3
Local IP Address Here you enter the IP address that will be used
as source address for all L2TP connections
based on this profile. If left blank, the gateway
uses the IP address of the interface via which
the L2TP tunnel reaches REMOTE IP ADDRESS
(LAC ONLY).
Local UDP Port (LAC
only)
Here you can enter the port number that is
used as source port for all outgoing L2TP con-
nections based on this profile.
Available values are 0to 65535; the default
value 0means that ports will be dynamically
allocated to connections using this profile.
Local Hostname Here you enter the host name for LNS resp.
LAC:
■LAC: The LOCAL HOSTNAME is included in
outgoing tunnel establishment messages
for identifying this gateway and is compared
with the REMOTE HOSTNAME of one of the
L2TP tunnel profiles configured at the LNS.
These messages are the SCCRQs (Start
Control Connection Request) sent by the
LAC and SCCRPs (Start Control Connec-
tion Reply) sent by the LNS.
The LNS uses this parameter to match the
incoming SCCRQ to one of the available
L2TP profiles.
■LNS: Equals the REMOTE HOSTNAME includ-
ed in the incoming tunnel establishment
message sent by the LAC.
The maximum length of the entry is 35 charac-
ters.
Field Description
3
10 bintec User’s Guide L2TP
Tunnel profiles Submenu
Remote IP addresses
through Radius (LAC
only)
Here you define whether to use RADIUS to
request REMOTE IP ADDRESS - MAIN and REMOTE
IP ADDRESS - BACKUP (enabled) or not (dis-
abled, default value).
Remote IP Address (LAC
only)
Only for REMOTE IP ADDRESSES THROUGH RADIUS
(LAC ONLY)= disabled
Here you must enter the static IP address of the
LNS used as destination address for connec-
tions based on this profile. The destination
must be a device capable of acting as LNS.
Remote IP Address
- backup (LAC only)
Only for REMOTE IP ADDRESSES THROUGH RADIUS
(LAC ONLY)= disabled
Here you can enter a backup IP address for
REMOTE IP ADDRESS - MAIN.
Remote UDP Port (LAC
only)
Here you enter the destination port number
used for all calls based on this profile.
Note: The remote LNS that receives the call
must be listening for L2TP connections on this
port, see L2TP ➜STATIC SETTINGS ➜UDP PORT
NUMBER FOR LNS MODE.
Possible values are 0... 65535.
Default value is 1701.
Field Description
L2TP bintec User’s Guide 11
Tunnel profiles Submenu 3
Remote Hostname Here you enter the host name of the LNS resp.
LAC:
■LAC: Defines the Local Hostname of the
LNS (included in the SCCRQs received by
the LNS and SCCRPs received by the
LAC).
The LOCAL HOSTNAME configured on the
LAC has to match the REMOTE HOSTNAME
configured for the intended profile on the
LNS, and vice versa.
■LNS: Defines the LOCAL HOSTNAME of the
LAC. A blank REMOTE HOSTNAME specified
on the LNS qualifies the associated profile
as a default entry that is used for all incom-
ing calls for which no profile with a matching
REMOTE HOSTNAME can be found.
The maximum length of the entry is 35 charac-
ters.
Tunnel Password Here you enter the password that is used for
tunnel authentication. Authentication between
LAC and LNS is two-way, i.e. the LNS checks
the LOCAL HOSTNAME and the TUNNEL
PASSWORD contained in the LAC SCCRQ
against the ones specified in the relevant pro-
file. The LAC does the same for the respective
fields of the LNS SCCRP.
If this field is left blank, authentication data will
neither be sent nor considered in tunnel estab-
lishment messages.
Field Description
3
12 bintec User’s Guide L2TP
Tunnel profiles Submenu
Hello Interval Here you enter the interval (in seconds)
between sending two L2TP HELLO messages
in order to keep the tunnel open.
Available values are 0to 255, the default value
is 30. A value of 0means that no L2TP HELLO
messages are sent.
Data Packets Sequence
Numbers
Here you can choose if the gateway uses
sequence numbers for data packets sent
through a tunnel based on this profile.
Function not used at present.
Available choices are disabled (default value)
and enabled.
Minimum Time Between
Retries
Here you enter the minimum time (in seconds)
the gateway waits before resending an L2TP
control packet to which it has received no reply.
Wait time will be dynamically increased until it
reaches the MAXIMUM TIME BETWEEN RETRIES.
Independently of the current wait time, no more
retries are sent if MAXIMUM RETRY COUNT has
been reached.
Available values are 1to 255, the default value
is 1.
Maximum Time Between
Retries
Here you enter the maximum time (in seconds)
the gateway waits before resending an L2TP
control packet to which it has received no reply.
Available values are 8to 255, the default value
is 16.
Field Description
L2TP bintec User’s Guide 13
Tunnel profiles Submenu 3
Table 3-1: L2TP ➜TUNNEL PROFILES ➜ADD/EDIT
Maximum Retry Count Here you enter the maximum number of times
the gateway retransmits an L2TP control
packet it has not received an acknowledgement
for. If this number is reached without receiving
a reply, the tunnel times out.
Available values are 1to 255, the default value
is 5.
Field Description
3
14 bintec User’s Guide L2TP
Tunnel profiles Submenu
L2TP bintec User’s Guide 15
Index: L2TP
D
Data Packets Sequence Numbers 12
H
Hello Interval 12
L
LAC 3, 8
Layer 2 Tunneling Protocol 3
LNS 3, 5, 8
Local Hostname 9
Local IP Address 9
Local UDP Port (LAC only) 9
M
Maximum Retry Count 13
Maximum Time Between Retries 12
Minimum Time Between Retries 12
P
Port usage for LNS mode 5
PPP over L2TP (LAC mode) 3
PPP over L2TP (LNS mode) 3
Profile Name 8
R
Remote Hostname 11
Remote IP Address - backup (LAC only) 10
Remote IP Address (LAC only) 10
Remote IP addresses through Radius (LAC only) 10
Remote UDP Port (LAC only) 10
S
SCCRPs 9
SCCRQs 9
T
Tunnel Password 11
tunnel profiles 7
U
UDP port number for LNS mode 5
16 bintec User’s Guide L2TP
Other manuals for bintec R230a
8
This manual suits for next models
5
Table of contents
Other Funkwerk Network Router manuals
Funkwerk
Funkwerk bintec R230a User manual
Funkwerk
Funkwerk R3400 User manual
Funkwerk
Funkwerk elmeg t444 User manual
Funkwerk
Funkwerk bintec R4100 User manual
Funkwerk
Funkwerk R3000w User manual
Funkwerk
Funkwerk bintec R1200 User manual
Funkwerk
Funkwerk bintec R4100 User manual
Funkwerk
Funkwerk bintec R230a User manual
Funkwerk
Funkwerk bintec R1200 User manual
Funkwerk
Funkwerk bintec R230a Instruction manual
