Hi James,
Thanks a ton for taking the time !!
Also, I am extremely sorry for not being clear before.
What we want is a simple vanilla setup as follows ::
Android Client (C1) ----- LAC (M1) ------ LNS (M2)
If I understand https://www.ietf.org/rfc/rfc2661.txt correctly, the C1 <-->
M1 path would be simple PPP, while the M1 <--> M2 path would be L2TP.
Implicit is the fact that M1 would be the L2TP-client, while M2 would be
the L2TP-server.
So, in the above, my base question remains the same :)
Will the above *pre-configurations* suffice, and cause all tunnel/session
creations to be done automatically, *without any further configuration* ?
Or tunnel/session creations need to be *configured AND created on the fly*
upon each incoming end-point-VPN-request ?
Thanks again for your time; hoping to hear more from you experts !!!
Thanks and Regards,
Ajay
On Wed, May 27, 2015 at 6:27 PM, James Chapman <[email protected]>
wrote:
> If I understand you correctly, you want a feature sometimes referred to
> as "tunnel switching" where L2TP sessions are forwarded by the LAC to the
> LNS over other L2TP tunnels. OpenL2TP does not support this feature.
>
> It might be possible to use the OpenL2TP and PPP event scripts to setup IP
> forwarding rules at the LAC, where the LAC has a PPP instance terminating
> the connection from the client, and a PPP instance used to connect with the
> LNS, for each user client connection. Then, event scripts would setup IP
> forwarding rules to route traffic from one PPP interface to another. The
> datapath would look something like:-
>
> Android client ------ L2TP ---------- ppp0 LAC ppp1 -------- L2TP
> ----------- ppp42 LNS
>
> The ppp interfaces ppp0 and ppp1 at the LAC would be assigned IP
> addresses. IP routing would cause traffic arriving on ppp0 to be routed via
> ppp1 and vice versa.
>
> However, the above would not be easy to setup and manage. It would also
> not be scalable since you'd have two pppd instances for every Android
> client connection at the LAC.
>
> James
>
>
> On 27/05/15 10:38, Ajay Garg wrote:
>
> Hi All.
>
> We are wishing to setup VPN via L2TP in an end-to-end scenario.
> However, we have some queries regarding the integration of OpenL2TP in
> this end-to-end scenario.
>
>
>
> === The intended scneario (Very High Level) ===
>
> OpenL2TP-framework is set up, and an end-point-client connects to this
> VPN.
>
>
>
> === The intended scneario (High Level) ===
>
> LAC is set up on machine M1.
> LNS is set up on machine M2.
>
>
> Android Phone C1 connects to VPN, using *M1 as the server in the
> credentials* (please correct me if I am wrong in this regard).
>
>
>
> === Queries ===
>
> a)
> Following *static, pre-configured* settings have been done ::
>
>
> On LAC (M1) ::
> ----------------------
>
> 1)
> Peer-Profile(s) for C1 authentication etc.
>
> 2)
> PPP-Profile(s) for C1 authentication etc.
>
> 3)
> Tunnel-Profile(s), that will be used to create M1 <--> M2
> tunnels when end-point-VPN-requests (calls) come in.
>
> 4)
> Session-Profile(s), that will be used to create M1 <--> M2
> sessions when end-point-VPN-requests (calls) come in.
>
>
>
> On LNS (M2) ::
> ------------------------
>
> No profile to be set up.
>
>
> Will the above *pre-configurations* suffice, and cause all
> tunnel/session creations to be done *automatically* ?
> Or tunnel/session creations need to be created on the fly
> *pseudo-manually* upon *each* incoming end-point-VPN-request ?
>
>
> Hoping for a reply to the above, as it will help clear our understanding
> of how openl2tp may fit into the larger scheme of things.
>
>
>
> Thanks and Regards,
> Ajay
>
>
> ------------------------------------------------------------------------------
>
>
>
> _______________________________________________
> Openl2tp-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/openl2tp-users
>
>
>
--
Regards,
Ajay
------------------------------------------------------------------------------
_______________________________________________
Openl2tp-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openl2tp-users
