Introduction to tunneling technology and the L2TP tunnel
There are many types of tunneling protocols, and different tunneling protocols work at different TCP/IP layers.
Tunneling Technology (tunneling)
The basic process of tunneling is as follows. At the interface between the source LAN and the public network, the data (which can be data link layer or network layer data in the ISO seven-layer model) is encapsulated as a payload in a data format that can be transmitted over the public network. At the interface between the destination LAN and the public network, the data is decapsulated and the payload is extracted. The logical path that the encapsulated packet takes across the Internet is called a "tunnel".
The communication protocol is the core guarantee that data can be encapsulated, transmitted and decapsulated smoothly. At present there are 4 kinds of VPN tunneling protocols: Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), the network-layer tunneling protocol IPSec, and the SOCKS v5 protocol. Of these, PPTP and L2TP work at the data link layer, IPSec works at the network layer, and SOCKS v5 works at the session layer. Because each protocol works at a different TCP/IP layer, different network environments suit different protocols, so pay attention to this choice when selecting VPN products.
The IPSec protocol is a widely used, open VPN security protocol that works at the third layer of the OSI model, the network layer.
The IPSec protocol is actually a set of protocols rather than a single protocol.
The L2TP tunnel refers to the logical link between the two Layer 2 Tunneling Protocol (L2TP) endpoints: the LAC (L2TP Access Concentrator) and the LNS (L2TP Network Server). The LNS is the server and waits for new tunnels, while the LAC is the initiator of the tunnel. Once a tunnel is established, traffic between the two endpoints is bidirectional. To be useful for networking, higher-level protocols such as the Point-to-Point Protocol (PPP) are then carried through the L2TP tunnel.
The L2TP protocol combines the advantages of the PPTP protocol and the L2F (Layer 2 Forwarding) protocol and supports multi-channel tunneling, which enables users to access both the Internet and the enterprise network.
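The encapsulate/decapsulate process and the way PPP rides inside an L2TP tunnel can be seen in the following Python example, which is added here and is not part of the original article. It builds and parses the L2TPv2 header laid out in RFC 2661; the function names and the sample PPP frame are constructed for this illustration.

```python
import struct

# Flag bits in the first 16-bit word of an L2TPv2 header (RFC 2661, section 3.1).
T_BIT, L_BIT, S_BIT, O_BIT, VER_MASK = 0x8000, 0x4000, 0x0800, 0x0200, 0x000F

def encapsulate(tunnel_id, session_id, ppp_frame):
    """Sending endpoint: wrap a PPP frame in an L2TP data message (T=0, L=1)."""
    length = 8 + len(ppp_frame)  # flags + length + tunnel ID + session ID = 8 bytes
    return struct.pack("!HHHH", L_BIT | 2, length, tunnel_id, session_id) + ppp_frame

def decapsulate(packet):
    """Receiving endpoint: validate the header, then extract the payload."""
    try:
        (flags,) = struct.unpack_from("!H", packet, 0)
        pos = 2
        if (flags & VER_MASK) != 2:
            raise ValueError("not an L2TPv2 packet")
        if (flags & T_BIT) and not ((flags & L_BIT) and (flags & S_BIT)):
            raise ValueError("control message without Length/Ns/Nr fields")
        if flags & L_BIT:
            (length,) = struct.unpack_from("!H", packet, pos)
            pos += 2
            if length > len(packet):
                raise ValueError("Length field exceeds received bytes")
            packet = packet[:length]  # ignore trailing bytes beyond Length
        tunnel_id, session_id = struct.unpack_from("!HH", packet, pos)
        pos += 4
        if flags & S_BIT:  # skip the Ns/Nr sequence numbers
            pos += 4
        if flags & O_BIT:  # Offset Size, followed by that many pad bytes
            (offset,) = struct.unpack_from("!H", packet, pos)
            pos += 2 + offset
        if pos > len(packet):
            raise ValueError("header runs past end of packet")
    except struct.error:
        raise ValueError("truncated L2TP header") from None
    return {"control": bool(flags & T_BIT), "tunnel_id": tunnel_id,
            "session_id": session_id, "payload": packet[pos:]}

# Constructed sample: PPP address/control bytes, protocol 0x0021 (IPv4), placeholder data.
SAMPLE_PPP = bytes.fromhex("ff030021") + b"constructed-ip-packet"
```

The payload comes back byte for byte because L2TP on its own only wraps the frame; it does not encrypt it.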
Configure L2TP with NetScreen SSG5
Experiment Effect Chart:
Purpose of the experiment: dial in via L2TP to the SSG5 in the IDC room and automatically obtain an IP address in the 192.168.24.0/24 network segment, so that the 192.168.24.0/24 segment can access the company's internal network and the IDC room's internal network, and connect to the Internet through the IDC network environment.