With L2TPv3, Ethernet traffic (layer 2) is tunneled over UDP. This allows LANs to be connected across network and site boundaries.
This is particularly useful for bridging WLAN traffic on access points to a central concentrator by means of an L2TPv3 Ethernet tunnel. Without L2TPv3, this would require the use of a WLAN controller operating CAPWAP layer-3 tunnels. L2TPv3 does not require WLAN controllers and, for LMC-managed scenarios in particular, this allows WLAN traffic to be bridged through tunnels to the central site.
From LCOS 10.20, layer-3 Ethernet tunnels can be configured to use L2TPv3. This is configured in the L2TP endpoints table, available since version 2 of the protocol, and in the new L2TP Ethernet table. For a corresponding scenario, see Configuring a WLAN scenario for bridging payload data to the central site.
With LANconfig, you configure L2TP under .
For version 3, the configuration of the L2TP endpoints table under L2TP endpoints was enhanced with the following parameters:
- L2TP tunnel active
- Enables the configured L2TP tunnel.
- L2TP version
- The L2TP protocol version used, either version 2 or 3.
Important: Ethernet tunnels are only possible with version 3. In this case, be sure to set the protocol "L2TPv3" here.Note: L2TPv3 in the LCOS is always encapsulated in UDP. This allows transmissions to pass through NAT gateways without problem.
If you specify an IP address or a host name, an attempt is made to establish a connection. If the corresponding field is left blank, no connection is established, but connections can be accepted. Configured properties such as the station name or password are checked by the remote site when the connection is established.
- The host name transmitted by the remote site is checked to see whether it corresponds to a configured L2TP endpoint. The host name is configured in the L2TP endpoint table of the remote site under Host name. If this field is left blank, the device name is used for authentication instead.
- If this is the case, the connection is established using the configuration for the corresponding L2TP endpoint.
- If not, the L2TP endpoints table is checked to see if it contains a "wildcard" entry. This is an entry that contains no host/station name or routing tag. The connection is established using the configuration of the "wildcard" entry.
- If authentication is activated for the corresponding entry in the L2TP endpoints table, authentication is carried out based on the configured password.
- If the password field is empty and authentication is switched on, a RADIUS authentication is carried out.
- If authentication is turned off, a "wildcard" entry accepts any incoming tunnel accordingly.
Under L2TP Ethernet you link L2TPv3 sessions with one of the 16 L2TP virtual Ethernet interfaces. The L2TP virtual Ethernet interfaces can then be used elsewhere in the configuration, e.g. in the LAN bridge for linking to WLAN or LAN interfaces.
- Remote site
- Here you configure the name used to assign the Ethernet tunnel to the remote site. For each Ethernet tunnel, this name must be identical at both ends.
- L2TP endpoint
- Here you configure the name of the L2TP endpoint configured in the L2TP endpoints table. This causes an Ethernet tunnel session to be established via this endpoint. If connections are to be accepted only, and not actively established from this end, leaving this field blank allows any sessions to be accepted. Of course, these still need "to run" via an accepted/established endpoint from the L2TP endpoints table. This can be useful in scenarios where not every endpoint on the receiving side should be configured separately.
- Interface
- The virtual L2TP Ethernet interface to be used for the L2TPv3 session.
