User manual
Configuring L2TP Services
1-10
303532-A Rev 00
Security in an L2TP Network
You can configure two layers of security in an L2TP network:
• Tunnel authentication
Tunnel authentication is the process of negotiating the establishment of a
tunnel between the LAC and the LNS.
• User authentication
The network administrator at the corporate site can configure a RADIUS
server with the names and passwords of authorized users. The server’s
database centralizes the authentication function, eliminating the need to
configure each LNS with user names and passwords.
When the LNS receives a call, it forwards the user information to the
RADIUS server, which verifies whether the user is authorized to access the
network.
You can also configure the LNS to perform user authentication if a RADIUS
server is not part of the network configuration.
For more information about the Bay Networks implementation of tunnel and user
authentication, see “Tunnel Authentication
” on page 1-12 and “RADIUS User
Authentication” on page 1-14.