If I understand you correctly, you want a feature sometimes referred to as "tunnel switching" where L2TP sessions are forwarded by the LAC to the LNS over other L2TP tunnels. OpenL2TP does not support this feature.

It might be possible to use the OpenL2TP and PPP event scripts to set up IP forwarding rules at the LAC, where the LAC has a PPP instance terminating the connection from the client, and a PPP instance used to connect with the LNS, for each user client connection. Then, event scripts would set up IP forwarding rules to route traffic from one PPP interface to another. The datapath would look something like:-

Android client ------ L2TP ---------- ppp0 LAC ppp1 -------- L2TP ----------- ppp42 LNS

The ppp interfaces ppp0 and ppp1 at the LAC would be assigned IP addresses. IP routing would cause traffic arriving on ppp0 to be routed via ppp1 and vice versa.

However, the above would not be easy to set up and manage. It would also not be scalable since you'd have two pppd instances for every Android client connection at the LAC.

James
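
The ppp0/ppp1 forwarding described in the reply above, sketched as an added example (not part of the original mail and not OpenL2TP code). It assumes a hook such as pppd's ip-up script calls `pair_up` once both interfaces of a pair exist; the function names and routing-table numbers are hypothetical.

```shell
#!/bin/sh
# Added example: stitch a client-facing and an LNS-facing PPP interface together
# at the LAC with policy routing. Assumptions (not from the mail): the table
# numbering, and that a hook (e.g. pppd's ip-up script) calls pair_up once both
# interfaces of a pair exist. RUN=echo is a dry run; set RUN= to apply as root.
RUN=${RUN-echo}

# Accept only kernel-style pppN names; hook arguments are untrusted input.
valid_ppp() {
    case $1 in ppp*) ;; *) return 1 ;; esac
    case ${1#ppp} in ''|*[!0-9]*|0?*) return 1 ;; esac
}

# Set up = table for client->LNS traffic, down = table for LNS->client traffic.
tables_for() {
    valid_ppp "$1" && valid_ppp "$2" || { echo "bad interface name" >&2; return 1; }
    up=$((1000 + ${1#ppp}))
    down=$((2000 + ${2#ppp}))
}

# pair_up CLIENT_IF LNS_IF: whatever enters one interface leaves via the other.
# Matching on iif steers each client only into its own LNS-facing session.
pair_up() {
    tables_for "$1" "$2" || return 1
    $RUN sysctl -w net.ipv4.ip_forward=1
    $RUN ip route replace default dev "$2" table "$up"
    $RUN ip rule add iif "$1" lookup "$up"
    $RUN ip route replace default dev "$1" table "$down"
    $RUN ip rule add iif "$2" lookup "$down"
}

# pair_down CLIENT_IF LNS_IF: remove the rules when either side goes away.
pair_down() {
    tables_for "$1" "$2" || return 1
    $RUN ip rule del iif "$1" lookup "$up"
    $RUN ip rule del iif "$2" lookup "$down"
    $RUN ip route flush table "$up"
    $RUN ip route flush table "$down"
}

# Dry-run demonstration with the interface names from the diagram above.
pair_up ppp0 ppp1
pair_down ppp0 ppp1
```

Every client connection needs its own pair of rules and tables, which is the management and scaling cost the reply points out.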

On 27/05/15 10:38, Ajay Garg wrote:
Hi All.

We are wishing to setup VPN via L2TP in an end-to-end scenario.
However, we have some queries regarding the integration of OpenL2TP in this end-to-end scenario.



=== The intended scenario (Very High Level) ===

OpenL2TP-framework is set up, and an end-point-client connects to this VPN.



=== The intended scenario (High Level) ===

LAC is set up on machine M1.
LNS is set up on machine M2.


Android Phone C1 connects to VPN, using M1 as the server in the credentials (please correct me if I am wrong in this regard).



=== Queries ===

a)
Following static, pre-configured settings have been done ::


            On LAC (M1) ::
            ----------------------
 
            1)
            Peer-Profile(s) for C1 authentication etc.

            2)
            PPP-Profile(s) for C1 authentication etc.

            3)
            Tunnel-Profile(s), that will be used to create M1 <--> M2 tunnels when end-point-VPN-requests (calls) come in.

            4)
            Session-Profile(s), that will be used to create M1 <--> M2 sessions when end-point-VPN-requests (calls) come in.



            On LNS (M2) ::
            ------------------------

            No profile to be set up.


Will the above pre-configurations suffice, and cause all tunnel/session creations to be done automatically ?
Or tunnel/session creations need to be created on the fly pseudo-manually upon each incoming end-point-VPN-request ?


Hoping for a reply to the above, as it will help clear our understanding of how openl2tp may fit into the larger scheme of things.


 
Thanks and Regards,
Ajay


------------------------------------------------------------------------------


_______________________________________________
Openl2tp-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openl2tp-users


