McAfee UTM Firewall 4.0.4 Administration Guide
VPN menu features
L2TP VPN Client
• Each label (host or domain) can consist of alphabetic, numeric or hyphen '-' characters.
• Each label cannot begin or end with the hyphen '-' character.
• Can be an IP address in the form a.b.c.d
6. [Optional] Enter a Windows domain name to use for server authentication in the Domain field.
7. Enter a username in the Username field to use when logging in to the remote VPN. You may need to
obtain the username and password information from the system administrator of the remote PPTP server.
The username cannot start with @.
8. Enter the password in the Password field to use when logging in to the remote VPN. The password can
be one or more characters of any type.
9. Enter the password again in the Confirm Password field.
10. [Optional] To indicate which packets should go to the remote network, enter a netmask number between 0
and 32 in the Subnet Mask for Remote network field. The netmask can also be written in the form
255.255.255.0.
Tip: When you configure the Subnet Mask for Remote network, the L2TP Client connection automatically adds
a route to a remote network based on the IP address it receives from the server. This is useful if you have
services other than the remote L2TP server you want to access using the L2TP tunnel. It is recommended to
set this value to the network mask of the remote network.
You can also configure additional static routes accessible over the L2TP client VPN. Do not specify a gateway,
and select the L2TP client connection in the interface field. For more information on static routes, see
Creating a static route.
11. [Optional] Set the strength of encryption to use by selecting a Required Encryption Level from the
drop down menu.
12. [Optional] To use any DNS servers returned by the remote L2TP VPN server, select the Use Peer DNS
checkbox.
13. [Optional] To masquerade your local network behind the IP address on the remote network that the
remote L2TP server allocates the UTM Firewall appliance, select the NAT checkbox.
14. [Optional] Set the L2TP maximum transmission unit (MTU) to the desired value in the L2TP MTU field.
15. [Optional] If you have a single VPN and want traffic from your local network to be routed through the
tunnel instead of straight out onto the Internet, select the Make VPN the default route (single VPN
only) checkbox.
16. Click Finish. An L2TP status icon appears in the system tray informing you that you are connected.
You can now check your email, use the office printer, access shared files and computers on the network as
if you were physically on the LAN.
Depending on how your remote network is set up, some additional configuration may be required to enable
browsing the network (such as Network Neighborhood or My Network Places).
To disconnect, right-click the L2TP Status system tray icon and click Disconnect.
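The route derivation described in the Tip under step 10, as an added example that is not part of this guide or the appliance's own code. It assumes the automatically added route is the server-assigned address masked by the configured value; the function names and all addresses are constructed for illustration.

```python
import ipaddress

def parse_mask(value):
    """Prefix length from either form the field accepts: '24' or '255.255.255.0'."""
    text = str(value).strip()
    if text.isdigit():
        prefix = int(text)
        if not 0 <= prefix <= 32:
            raise ValueError(f"netmask number must be between 0 and 32: {text}")
        return prefix
    mask = int(ipaddress.IPv4Address(text))   # raises ValueError if not a.b.c.d
    host_bits = mask ^ 0xFFFFFFFF
    if host_bits & (host_bits + 1):           # 1-bits must be contiguous from the left
        raise ValueError(f"non-contiguous netmask: {text}")
    return 32 - host_bits.bit_length()

def tunnel_route(assigned_ip, mask):
    """Assumed behaviour: route = address received from the server, masked."""
    return ipaddress.IPv4Network(f"{assigned_ip}/{parse_mask(mask)}", strict=False)

def via_tunnel(destination, route):
    """True if packets to destination would match the automatically added route."""
    return ipaddress.IPv4Address(destination) in route

if __name__ == "__main__":
    assigned = "192.168.50.37"                # constructed sample address
    hosts = ["192.168.50.10", "192.168.60.10", "203.0.113.5"]  # constructed
    for mask in ("255.255.255.0", "16", "0"):
        route = tunnel_route(assigned, mask)
        print(f"mask {mask:>13} -> route {route}")
        for host in hosts:
            path = "L2TP tunnel" if via_tunnel(host, route) else "not via this route"
            print(f"    {host:<15} {path}")
```

In this model a mask of 0 yields 0.0.0.0/0, which matches every destination, while hosts outside the derived network need a static route as the Tip describes.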
Browsing and name resolution using L2TP
Because the UTM Firewall does not forward broadcast packets across a network link, additional
configuration may be necessary to allow browsing and name resolution when logged into the UTM Firewall
using L2TP.
If you have a WINS or DNS server, you can browse the network and query the internal name server to
resolve internal names.
If you do not have a WINS server, you can use an LMHOSTS file. For example: