5.
Enter 250000 in the IPsec Life Time kilobytes control
6.
Under the Authentication tab, select Pre-shared Key
7.
Select MyPSK in the Pre-shared Key control
8.
Under the Routing tab, check the following controls:
•
Allow DHCP over IPsec from single-host clients
•
Dynamically add route to the remote network when a tunnel is established
9.
Click OK
Now it is time to setup the L2TP Server. The inner IP address should be a part of the network which the clients
are assigned IP addresses from, in this lan_ip. The outer interface filter is the interface that the L2TP server will
accept connections on, this will be the earlier created l2tp_ipsec. ProxyARP also needs to be configured for the
IPs used by the L2TP Clients.
C. Setup the L2TP Tunnel:
Command-Line Interface
gw-world:/> add Interface L2TPServer l2tp_tunnel
IP=lan_ip
Interface=l2tp_ipsec
ServerIP=wan_ip
IPPool=l2tp_pool
TunnelProtocol=L2TP
AllowedRoutes=all-nets
ProxyARPInterfaces=lan
Web Interface
1.
Go to: Interfaces > L2TP Servers > Add > L2TPServer
2.
Enter a name for the L2TP tunnel, for example l2tp_tunnel
3.
Now enter:
•
Inner IP Address: lan_ip
•
Tunnel Protocol: L2TP
•
Outer Interface Filter: l2tp_ipsec
•
Server IP: wan_ip
4.
Under the PPP Parameters tab, check the Use User Authentication Rules control
5.
Select l2tp_pool in the IP Pool control
6.
Under the Add Route tab, select all-nets in the Allowed Networks control
7.
In the ProxyARP control, select the lan interface
8.
Click OK
In order to authenticate the users using the L2TP tunnel, a user authentication rule needs to be configured.
D. Next will be setting up the authentication rules:
Command-Line Interface
gw-world:/> add UserAuthRule AuthSource=Local
Interface=l2tp_tunnel
OriginatorIP=all-nets
LocalUserDB=UserDB
agent=PPP TerminatorIP=wan_ip
name=L2TP_Auth
Web Interface
9.5.2. L2TP Servers
Chapter 9. VPN
467
Summary of Contents for NetDefend DFL-1660
Page 28: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 28 ...
Page 88: ...2 6 3 Restore to Factory Defaults Chapter 2 Management and Maintenance 88 ...
Page 166: ...3 10 DNS Chapter 3 Fundamentals 166 ...
Page 254: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 254 ...
Page 268: ...5 4 IP Pools Chapter 5 DHCP Services 268 ...
Page 368: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 368 ...
Page 390: ...7 4 7 SAT and FwdFast Rules Chapter 7 Address Translation 390 ...
Page 414: ...8 3 Customizing Authentication HTML Pages Chapter 8 User Authentication 414 ...
Page 490: ...9 8 6 Specific Symptoms Chapter 9 VPN 490 ...
Page 528: ...10 4 6 Setting Up SLB_SAT Rules Chapter 10 Traffic Management 528 ...
Page 544: ...11 7 HA Advanced Settings Chapter 11 High Availability 544 ...
Page 551: ...12 3 5 Limitations Chapter 12 ZoneDefense 551 ...
Page 574: ...Default 512 13 9 Miscellaneous Settings Chapter 13 Advanced Settings 574 ...
Page 575: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 575 ...