256{ L2TP tunnel sharing—Different users can share the same L2TP tunnel between the LACand the LTS. The LTS distributes data of different users to different LNSs.Figure 82 L2TP tunnel switching network diagramL2TP-based EADEAD authenticates PPP users that pass the access authentication. PPP users that pass EADauthentication can access network resources. PPP users that fail EAD authentication can onlyaccess the resources in the quarantine areas.EAD uses the following procedure:1. The iNode client uses L2TP to access the LNS. After the client passes the PPP authentication,the CAMS/IMC server assigns isolation ACLs to the LNS. The LNS uses the isolation ACLs tofilter incoming packets.2. After the IPCP negotiation, the LNS sends the IP address of the CAMS/IMC server to the iNodeclient. The server IP address is permitted by the isolation ACLs.3. The CAMS/IMC server authenticates the iNode client and performs security check for the iNodeclient. If the iNode client passes security check, the CAMS/IMC server assigns security ACLsfor the iNode client to the LNS. The iNode client can access network resources.Protocols and standards• RFC 1661, The Point-to-Point Protocol (PPP)• RFC 1918, Address Allocation for Private Internets• RFC 2661, Layer Two Tunneling Protocol "L2TP"• RFC 2868, RADIUS Attributes for Tunnel Protocol SupportRestrictions: Hardware compatibility with L2TPOnly CSPEX cards support L2TP.Restrictions and guidelines: L2TP configurationMake sure the statistics polling interval is 300 seconds when you configure L2TP. For moreinformation about the statistics polling interval, see Ethernet interface configuration in InterfaceConfiguration Guide.