manualshive.com logo in svg

Bay Networks 5393, User Manual, Page: 26 / 70

Share
Download
Bay Networks 5393 User Manual Download Page 26

119346-A Rev. A

    Release 5.1 Supplement for Remote Annexes

8

Bay Networks Vendor-Specific Attributes (VSAs)

These attributes enable RADIUS to emulate the behavior of the ACP
security regime:

Annex-Filter (VSA Bay Networks 28)

Annex-CLI-Command (VSA Bay Networks 29)

Annex-CLI-Filter (VSA Bay Networks 30)

Annex-Host-Restrict (VSA Bay Networks 31)

Annex-Host-Allow (VSA Bay Networks 32)

Annex-Product-Name (VSA Bay Networks 33)

Annex-SW-Version (VSA Bay Networks 34)

Annex-Local-IP-Address (VSA Bay Networks 35)

Annex-Tunnel-Type (VSA Bay Networks 36)

Annex-Tunnel-Medium-Type (VSA Bay Networks 37)

Annex-Tunnel-Client-Endpoint (VSA Bay Networks 38)

Annex-Tunnel-Server-Endpoint (VSA Bay Networks 39)

Annex-Tunnel-Id (VSA Bay Networks 40)

Annex-Tunnel-Connection-Id (VSA Bay Networks 41)

Annex-Callback-Port-List (VSA Bay Networks 42)

The RADIUS Dictionary File

A reference RADIUS dictionary file is included in the distribution kit and
is placed in the security files area. The dictionary file defines keywords,
types, and values for RADIUS attributes and their corresponding code
points. The file is in a format that is used as input by some RADIUS
servers to parse messages and write text output files. You may have
existing dictionaries with differences in the keyword names, and you may
want to evaluate the impact to your databases and output reports.

Summary of Contents for 5393

Page 1: ...Part No 119346 A Rev A October 1997 Marketing Release 5 1 Release 5 1 Supplement for Remote Annexes ...

Page 2: ...rnment is subject to restrictions as set forth in subparagraph c 1 ii of the Rights in Technical Data and Computer Software clause at DFARS 252 227 7013 Notwithstanding any other license agreement that may pertain to or accompany the delivery of this computer software the rights of the United States Government regarding its use reproduction and disclosure are as set forth in the Commercial Compute...

Page 3: ...IMITATION THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE In addition the program and information contained herein are licensed only pursuant to a license agreement that contains restrictions on use and disclosure that may incorporate by reference certain limitations and notices imposed by third parties ...

Page 4: ...l title and ownership in both the Software and user manuals including any revisions made by Bay Networks or its licensors The copyright notice must be reproduced and included with any copy of any portion of the Software or user manuals Licensee may not modify translate decompile disassemble use for any competitive analysis reverse engineer distribute or create derivative works from the Software or...

Page 5: ...that the functions contained in the software will meet the Licensee s requirements b that the Software will operate in the hardware or software combinations that the Licensee may select c that the operation of the Software will be uninterrupted or error free or d that all defects in the operation of the Software will be corrected Bay Networks is not obligated to remedy any Software defect that can...

Page 6: ... and the limitations set out in this license for civilian agencies and subparagraph c 1 ii of the Rights in Technical Data and Computer Software clause of DFARS 252 227 7013 for agencies of the Department of Defense or their successors whichever is applicable 6 Use of Software in the European Community This provision applies to all Software acquired for use within the European Community If License...

Page 7: ...h restricted or embargoed countries or ii provide the Software or related technical data or information to any military end user or for any military end use including the design development or production of any chemical nuclear or biological weapons 9 General If any provision of this Agreement is held to be invalid or unenforceable by a court of competent jurisdiction the remainder of the provisio...

Page 8: ... ENTIRE AND EXCLUSIVE AGREEMENT BETWEEN BAY NETWORKS AND LICENSEE WHICH SUPERSEDES ALL PRIOR ORAL AND WRITTEN AGREEMENTS AND COMMUNICATIONS BETWEEN THE PARTIES PERTAINING TO THE SUBJECT MATTER OF THIS AGREEMENT NO DIFFERENT OR ADDITIONAL TERMS WILL BE ENFORCEABLE AGAINST BAY NETWORKS UNLESS BAY NETWORKS GIVES ITS EXPRESS WRITTEN CONSENT INCLUDING AN EXPRESS WAIVER OF THE TERMS OF THIS AGREEMENT ...

Page 9: ...xes Configuring RADIUS Security 1 Using erpcd As a Proxy RADIUS Client 2 Using the Remote Annex s Native RADIUS Client 2 RADIUS Parameters 3 RADIUS Attributes 4 The RADIUS Dictionary File 8 Configuring Remote Annex Functions Using RADIUS 11 CLI Scripting 15 5393 and 6300 Functions 36 Using the Default Call Configuration 36 Configuring Session Parameter Blocks 37 Automated Firmware Download AFD 45 ...

Page 10: ...119346 A Rev A Contents viii ...

Page 11: ...ix 119346 A Rev A Tables Table 1 Remote Annex Automatic Services 12 Table 2 Remote Annex Port Mode Service Restrictions 14 Table 3 SPB Field Definitions 40 ...

Page 12: ...119346 A Rev A Tables x ...

Page 13: ...ninthisguidediscussesnew or revised features supported in Release 5 1 Before You Begin When administering a Remote Annex be sure to refer to this supplement for features supported in Release 5 1 If you want to Go to Configure RADIUS security page 1 Learn about Release 5 1 features for the Model 5393 and Model 6300 Remote Annex page 36 ...

Page 14: ...f commands and command syntax lowercase italics indicate variables for which the user supplies a value In command dialog square brackets indicate default values Pressing selects this value Square brackets appearing in command syntax indicate optional arguments In command syntax braces indicate that one and only one of the enclosed value must be entered In command syntax this character separates th...

Page 15: ...ta Link Control IP Internet Protocol IPCP Internet Protocol Control Protocol IPXCP IPX Control Protocol ISDN Integrated Services Digital Network L2TP Layer 2 Tunneling Protocol MMP Multi system Multilink PPP NAS Network Access Server PAP Password Authentication Protocol SPB Session Parameter Block PPP Point to Point Protocol PRI Primary Rate Interface SLIP Serial Line Internet Protocol TCP Transmi...

Page 16: ... Bay Networks Customer Service You can purchase a support contract from your Bay Networks distributor or authorized reseller or directly from Bay Networks Services For information about or to purchase a Bay Networks service contract either call your local Bay Networks field sales office or one of the following numbers Information about customer service is also available on the World Wide Web at su...

Page 17: ...r or reseller for assistance If you purchased a Bay Networks service program call one of the following Bay Networks Technical Solutions Centers Technical Solutions Center Telephone number Fax number Billerica MA 800 2LANWAN 978 916 3514 Santa Clara CA 800 2LANWAN 408 495 1188 Valbonne France 33 4 92 96 69 68 33 4 92 96 69 98 Sydney Australia 61 2 9927 8800 61 2 9927 8811 Tokyo Japan 81 3 5402 0180...

Page 18: ...119346 A Rev A About This Guide xvi ...

Page 19: ...nex in this case and a host based communication server RADIUS operates in three modes RADIUS Authentication includes authentication of the dial up user to the RADIUS server as well as authentication of the RADIUS server to the NAS RADIUS supports the authentication modes PAP Password Authentication Protocol CHAP Challenge Handshake Authentication Protocol and user name password validation Authoriz...

Page 20: ...lient and ACP also take place when the security regime is RADIUS Using erpcd As a Proxy RADIUS Client To configure security using erpcd as a proxy RADIUS client 1 Set enable_security to Y and set auth_protocol to acp 2 Configure the erpcd conf file on the pref_secure1_host This causes the Remote Annex to send ACP authentication and authorization requests to erpcd erpcd converts these requests to R...

Page 21: ...e_security This parameter must be set to Y for any security regime to work The parameter s default value is N pref_secure1_host This parameter must be set to the IP address of the primary RADIUS and RADIUS accounting server pref_secure2_host This parameter must be set to the IP address of the secondary RADIUS and RADIUS accounting server radius_acct_level This parameter indicates the level of RADI...

Page 22: ...fault value is 10 radius_secret This string defines the RADIUS shared secret for the Remote Annex By default the shared secret is unset radius_timeout This parameter specifies the retransmission timer for RADIUS access request accounting request packets The default value is 4 RADIUS Attributes RADIUS tracks various pieces of data using attributes The Remote Annex supports a number of standard RADI...

Page 23: ...ddress 4 NAS Port 5 Service Type 6 Framed Protocol 7 Framed IP Address 8 Framed IP Netmask 9 Framed Routing 10 Filter Id 11 Framed MTU 12 Framed Compression 13 Login IP Host 14 Login Service 15 Login TCP Port 16 Unassigned 17 Reply Message 18 Callback Number 19 Callback Id 20 Unassigned 21 Framed Route 22 Framed IPX Network 23 State 24 Class 25 Vendor Specific 26 Session Timeout 27 ...

Page 24: ...Action 29 Called Station Id 30 Calling Station Id 31 NAS Identifier 32 Proxy State 33 Login LAT Service 34 Login LAT Node 35 Login LAT Group 36 Framed AppleTalk Link 37 Framed Apple Talk Network 38 Framed AppleTalk Zone 39 CHAP Challenge 60 NAS Port Type 61 Port Limit 62 Login LAT Port 63 ...

Page 25: ...utes The RADIUS accounting attributes are Acct Status Type 40 Acct Delay Time 41 Acct Input Octets 42 Acct Output Octets 43 Acct Session Id 44 Acct Authentic 45 Acct Session Time 46 Acct Input Packets 47 Acct Output Packets 48 Acct Terminate Cause 49 Acct Multi Session Id 50 Acct Link Count 51 ...

Page 26: ... Bay Networks 37 Annex Tunnel Client Endpoint VSA Bay Networks 38 Annex Tunnel Server Endpoint VSA Bay Networks 39 Annex Tunnel Id VSA Bay Networks 40 Annex Tunnel Connection Id VSA Bay Networks 41 Annex Callback Port List VSA Bay Networks 42 The RADIUS Dictionary File A reference RADIUS dictionary file is included in the distribution kit and is placed in the security files area The dictionary fil...

Page 27: ...nce when adding or changing existing RADIUS dictionaries as needed Because this file is in the format of some of the popular RADIUS servers in some cases it can be used as a direct replacement However you should review the dependencies and make a decision on how to apply the differences A partial listing of the dictionary contents is shown below continued on next page ATTRIBUTE User Name 1 string ...

Page 28: ...vice Type Callback Framed User 4 VALUE Service Type Outbound User 5 VALUE Service Type Administrative User 6 VALUE Service Type NAS Prompt 7 VALUE Service Type Authenticate Only 8 VALUE Service Type Callback NAS Prompt 9 Framed Protocols VALUE Framed Protocol PPP 1 VALUE Framed Protocol SLIP 2 VALUE Framed Protocol ARAP 3 VALUE Framed Protocol Gandalf SL MLP 4 VALUE Framed Protocol IPX SLIP 5 ...

Page 29: ...s appear in braces 1 numbers for attributes appear in parentheses 1 and numbers for enumerations appear in brackets 1 End User and Session Identification The Remote Annex provides identification information to the RADIUS serverviaattributesincludedinAccess Requestpackets Access Request packets includes the following RADIUS attributes User Name 1 User Password 2 CHAP Password 3 NAS IP Address 4 NAS...

Page 30: ...net rlogin The Login IP Host 14 attribute specifies the Internet address to be connected to via telnet or rlogin If Login IP Host 14 is set to 0xff the user is prompted for a host If Login IP Host 14 is set to 0 the user is connected to the address stored in the Remote Annex port parameter dedicated_arguments Ifthelattermethodisused the Login TCP Port 16 attribute is ignored Service Type 6 Framed ...

Page 31: ... to connect to on the remote node or service The Login LAT Group 36 attribute is a bit mask of the LAT groups the user can access Service Hint and Restriction If the Remote Annex port is not in CLI mode whether the Remote Annex port auto detected a framing protocol slave or the port was configured for framing slave then the user is restricted to the profile returned by RADIUS If the RADIUS server ...

Page 32: ...RADIUSserver theuserisprompted for the number Specifying the callback number in the RADIUS server is more secure than having the user provide it at the prompt The Remote Annex dials back the user on the same channel on which he or she dialed in Dialback calls are reauthenticated and reauthorized as if they were new calls Service Type 6 Framed Protocol 7 Required Port Mode Service Login 1 Callback ...

Page 33: ...er of seconds the session can be idle before the Remote Annex unilaterally terminates thesession ThisfeatureisidenticaltothatprovidedbytheRemoteAnnex port parameter inactivity_timer CLI Scripting You can configure the user through RADIUS to execute a CLI script upon gaining access This feature uses the Annex CLI Command VSA Bay Networks 29 attribute to specify a list of CLI commands to run with ea...

Page 34: ...osite string value The first four bytes contain in networkorder theIPaddressthattheusershouldbespecificallyrestricted from using or allowed to use Trailing bytes that are zero are interpreted to match all values of that byte Thus 132 245 0 0 means everything on the 132 245 0 0 subnet while 0 0 0 0 means every host on the entire WAN The remainder of the string is a printable comma delimited list or...

Page 35: ...rotocol user can disable routing packets across the link with the Framed Routing 10 attribute The default behavior is to send and listen for routing packets across a link to a different subnet but not a link to the same subnet Note that because this attribute does not specify a network layer protocol or framing protocol the Remote Annex assumes that the attribute applies to all framing protocols P...

Page 36: ...n conjunction with the Annex Filter VSA Bay Networks 28 attribute Upon receiving a Filter Id 11 attribute the Remote Annex initiates another Access Request The Remote Annex then waits for an Access Accept 2 with the list of the actual filters supplied in Annex Filter VSA Bay Networks 28 attributes This method requires a corresponding pseudo user in the RADIUS server Nested Filter Id 11 attributes ...

Page 37: ...fic Network Layer Compression Protocols Network layer compression protocols can be configured using the Framed Compression 13 attribute OnlyVan JacobsonTCP IPheader compression is supported by the Remote Annex PAP PAP works as described in RFC 2058 CHAP CHAP works as described in RFC 2058 Note that the Remote Annex sends the CHAP challenge in both the CHAP Challenge 60 attribute and the authentica...

Page 38: ...e of the CHAP challenge Thus RADIUS can be used to authenticate L2TP tunnels using its existing CHAP mechanism The L2TP Access Request contains the following attributes User Name 1 CHAP Password 3 NAS IP Address 4 NAS Port 5 VPN 5000 index Service Type 6 Acct Delay Time 41 CHAP Challenge 60 Annex Product Name VSA Bay Networks 33 Annex SW Version VSA Bay Networks 34 Annex Tunnel Type VSA Bay Networ...

Page 39: ...l port IP address using the Annex Local IP Address VSA Bay Networks 35 attribute if the admin address_origin port parameter is set to acp or auth_server If an address is returned by the RADIUS server then the Remote Annex insists on using that address or it does not allow IPCP to come up If however 255 255 255 255 is specified then the Remote Annex allows the peer to set the address If 255 255 255...

Page 40: ...ed by the RADIUS server then the Remote Annex uses that address If however 255 255 255 254 is specified then the Remote Annex gets the address using DHCP If the attribute is not specified then the Remote Annex falls back to the local_address admin port parameter Challenge Response Mechanisms The Remote Annex supports the standard RADIUS Challenge Response Mechanisms through the use of the Access C...

Page 41: ...unting Request 4 packetwhenAcct Status Type 40 IPCP Start VSEBayNetworks3 becausetheactualnegotiated address is not known at authentication time Events This section describes the events that trigger RADIUS Accounting from the Remote Annex Each RADIUS Accounting log is queued for transmission andoncetransmitted requeuedforacknowledgment When the Remote Annex receives the corresponding Accounting Re...

Page 42: ...in this log User Name 1 NAS IP Address 4 NAS Port 5 Service Type 6 Framed Protocol 7 Login IP Host 14 Login Service 15 Login TCP Port 16 Callback Number 19 Only if this starts a dialback session Class 25 Called Station Id 30 Calling Station Id 31 Login LAT Service 34 Login LAT Node 35 Login LAT Group 36 Acct Delay Time 41 Acct Session Id 44 Acct Authentic 45 Acct Multi Session Id 50 Acct Link Coun...

Page 43: ...cable in this log User Name 1 NAS IP Address 4 NAS Port 5 Service Type 6 Use Callback type if the user will be called back next otherwise normal Framed Protocol 7 Callback Number 19 Only if the user will be called back next Class 25 Acct Delay Time 41 Acct Input Octets 42 Acct Output Octets 43 Acct Session Id 44 Acct Session Time 46 Acct Input Packets 47 Acct Output Packets 48 Acct Terminate Cause...

Page 44: ...ble in this log NAS IP Address 4 Acct Delay Time 41 Annex Product Name VSA Bay Networks 33 Annex SW Version VSA Bay Networks 34 NAS Reboot Down The Remote Annex creates a log entry whenever the Remote Annex is about to go down and reboot In this case Acct Status Type 40 Accounting Off 8 The Remote Annex includes the following attributes when applicable in this log NAS IP Address 4 Acct Delay Time ...

Page 45: ...licable in this log NAS IP Address 4 Acct Delay Time 41 Annex Product Name VSA Bay Networks 33 Annex SW Version VSA Bay Networks 34 NAS Accounting Stop The Remote Annex creates a log entry whenever the Remote Annex stops RADIUS Accounting This occurs when security is turned off and reset after initially being on In these cases Acct Status Type 40 Accounting Shutoff VSE Bay Networks 7 The Remote An...

Page 46: ...this case Acct Status Type 40 User Reject VSE Bay Networks 1 The Remote Annex also includes the following attributes in this log User Name 1 NAS IP Address 4 NAS Port 5 Service Type 6 Framed Protocol 7 Class 25 Called Station Id 30 Calling Station Id 31 Acct Delay Time 41 Acct Authentic 45 NAS Port Type 61 Annex Product Name VSA Bay Networks 33 Annex SW Version VSA Bay Networks 34 ...

Page 47: ...g NAS IP Address 4 NAS Port 5 Called Station Id 30 Calling Station Id 31 Acct Delay Time 41 NAS Port Type 61 Call Reject The Remote Annex creates a log entry whenever it rejects an incoming call before user authentication In this case Acct Status Type 40 Call Reject VSE Bay Networks 2 The Remote Annex also includes the following attributes when applicable in this log NAS IP Address 4 NAS Port 5 Ca...

Page 48: ...ng Station Id 31 Acct Delay Time 41 NAS Port Type 61 IPCP Start The Remote Annex creates a log entry whenever a PPP session starts IPCP The log contains the negotiated IP address In this case Acct Status Type 40 IPCP Start VSE Bay Networks 3 The Remote Annex also includes the following attributes when applicable in this log NAS IP Address 4 NAS Port 5 Service Type 6 Framed Protocol 7 Framed IP Add...

Page 49: ...hen applicable in this log NAS IP Address 4 NAS Port 5 Framed IPX Network 23 Class 25 Acct Delay Time 41 Acct Session Id 44 Acct Multi Session Id 50 NAS Port Type 61 ATCP Start The Remote Annex creates a log entry whenever a PPP session starts ATCP In this case Acct Status Type 40 ATCP Start VSE Bay Networks 5 The Remote Annex also includes the following attributes when applicable in this log NAS ...

Page 50: ...works 37 Annex Tunnel Client Endpoint VSA Bay Networks 38 Annex Tunnel Server Endpoint VSA Bay Networks 39 Annex Tunnel Id VSA Bay Networks 40 Tunnel Stop The Remote Annex creates a log entry whenever an L2TP tunnel is destroyed When an L2TP tunnel is destroyed the log contains Acct Status Type 40 Tunnel Stop VSE Bay Networks 9 The Remote Annex also includes the following attributes when applicabl...

Page 51: ...ex Tunnel Type VSA Bay Networks 36 Annex Tunnel Medium Type VSA Bay Networks 37 Annex Tunnel Client Endpoint VSA Bay Networks 38 Annex Tunnel Server Endpoint VSA Bay Networks 39 Annex Tunnel Id VSA Bay Networks 40 MP Start The Remote Annex creates a log entry whenever an MP bundle is created For MMP this will be logged only on the LNS In this case Acct Status Type 40 MP Start VSE Bay Networks 13 T...

Page 52: ...t occurred Whenever a RADIUS Accounting Request is issued by the Remote Annex the Remote Annex records the difference in time now occurrence and places the result in the Acct Delay Time 41 attribute Each session in the Remote Annex retains a timestamp of the start of the session When the session ends the Remote Annex records the difference in time finish start and places the result in the Acct Ses...

Page 53: ...nique MP Bundle Identifier equal to the Session Identifier of the first link of the bundle This identifier is placed in the Acct Multi Session Id 50 attribute MultiSession Link Count Each MP session records the number of links it has used in the Acct Link Count 51 attribute Authentication Method RADIUS Accounting logs only users that are authenticated via RADIUS This means that Acct Authentic 45 R...

Page 54: ...ccess 5393 and 6300 Functions The following functions have been implemented for the Model 5393 and Model 6300 Remote Annexes Default Call Configuration Session Parameter Blocks SPBs Automated Firmware Download AFD Multi System Multilink PPP Using the Default Call Configuration When delivered to you the Remote Annex is configured to detect automatically the type of call TA V 120 V 110 or X 75 synch...

Page 55: ...e operational with this default configuration the only requirements are that you set the switch type and any other interface parameter whose factory defaults do not match the service options provided by the telco for your ISDN PRI lines Configuring Session Parameter Blocks You define SPBs in the pri section of the configuration file on the host you use to download Remote Annex software By default ...

Page 56: ...on you can omit this section of the SPB How SPBs Are Scanned When it receives a call the Remote Annex tries to match the SETUP information elements of the call with setup criteria values defined in the SPBs The Remote Annex searches SPBs in the order that they appear in the configuration file so the sequence in which you specify SPBs is important You should order your SPBs from the most specific t...

Page 57: ...mat when entering an SPB into the configuration file Table 3 describes all possible SPB fields Unless otherwise noted each field is optional this is a comment line begin_session session_name calling_no phone number called_no phone number called_subaddress number bearer voice or data detected detection keyword call_action action max_number_of_calls integer acp_log yes or no rate56k yes or no set pa...

Page 58: ...ne number that identifies the origin of the ISDN call Specify the entire number including the area code even if it would not normally be required to make the call Separate the area code from the rest of the phone number with a dash or enclose the area code in parentheses No wild card symbols are permitted and white space is ignored If this field is omitted any calling number is permitted Sometimes...

Page 59: ...he phone number with a dash or enclose the area code in parentheses No wild cards are permitted White space is ignored Note The ACP log file shows the called number delivered by the switch for PRI protocols The log file may contain only the final digits of the number If this field is omitted any called number matches this SPB called_subaddress This field is appropriate only for end to end calls us...

Page 60: ...ected sync_ppp which matches when synchronous PPP calls PPP LCP Configure Request over HDLC are detected 56 which matches all calls when the line speed is 56 Kb s 64 which matches when the line speed is 64 Kb s any which matches any call whether or not a call_action field is set to detect in another SPB This is the default You can combine keywords to produce a less restrictive SPB than one contain...

Page 61: ... detected frame type and indicates how to handle the call Do not use the rate56k or set fields see below in an SPB containing a call_action of detect reject which rejects the call modem which handles the call as a modem call v120 which handles the call as a V 120 call sync which handles the call as a synchronous PPP call The default is detect which means that all calls are accepted it is impossibl...

Page 62: ...e or Australia and are having problems receiving calls from the U S In this situation the telco sometimes fails to specify the correct data rate In all other situations specify no set Specifies a port parameter setting that is applied to the session The syntax is set parameter parameter_value You can specify multiple set commands These settings override the values in nonvolatile memory while the s...

Page 63: ...f operation normal download and never download When normal download is enabled AFD attempts to download if the current revision of the firmware is outdated or if it is inappropriate for the switch type in use Also AFD attempts to download firmware if a Remote Annex module is marked as failed by diagnostics regardless of what mode is specified AFD does not attempt any download in never download mod...

Page 64: ...downloading firmware You can use the following entry to disable AFD Note that download pri never and download wan never perform the same function download pri never has been retained to ensure backward compatibility with earlier releases of the software gateway download pri never prevent download of pri module Console Port Status Messages Various status messages may be displayed in the console win...

Page 65: ...d in progress AFD executing view syslog for status version strings or error s download in progress AFD executing LOADING internal pri module firmware view syslog for status version strings or error s afd done with no download attempted AFD completed view syslog for status version strings or error s afd done with download completed AFD completed ABORTED loading internal pri module firmware or SUCCE...

Page 66: ...receive no information about which Remote Annex terminates a given MP link The location of the MP bundle head is determined by the bundle discovery protocol The Layer 2 Tunneling Protocol L2TP is used to tunnel MP links to remote MP bundle heads ensuring that successive links on one Remote Annex in an MMP group are combined into the same bundle as the primary link on another Remote Annex MMP is di...

Page 67: ...he port parameters mp_endpoint_class and mp_endpoint_address All the Remote Annexes in an MMP group must have the same mp_endpoint_class and the same mp_endpoint_address WhenMMPisenabledandmp_endpoint_class is set to loc or psndn the mp_endpoint_address parameter indicates an endpoint discriminator address which is the number of the hunt group or the name of the rotary served by the MMP group Refe...

Page 68: ...urrent Remote Annex becomes the MP bundle head If the Bundle Discovery Protocol locates an existing MP bundle for the remote user the current MPlinkbecomesasecondaryMPlink IftheMPbundleheadisadifferent Remote Annex the current link is tunnelled to that MP bundle head via L2TPandbecomesavirtuallink virtuallinksarealwayssecondarylinks Secondary MP links are combined with the primary MP link to form ...

Page 69: ...oint_class parameter 49 Multi system Multilink PPP connections 49 groups 49 Multi system Multilink PPP MMP 36 48 P pref_secure1_host parameter 3 pref_secure2_host parameter 3 printing conventions xii publications ordering xiv R RADIUS 1 configuring 1 configuring RAC functions 11 dictionary file 8 modes 1 native client 2 overview 1 parameters 3 supported attributes 4 radius_acct_level parameter 3 r...

Page 70: ...Index 119346 A Rev A Index 2 ...

Reviews:

No comments