PPTP and L2TP VPNs; PPTP VPN configuration - D-Link DFL-500 Manual

Network security firewall

PPTP and L2TP VPNs

Using PPTP and L2TP Virtual Private Networking (VPN), you can create a secure connection between a client computer running Microsoft Windows and your internal network.

PPTP is a Windows VPN standard. You can use PPTP to connect computers running Windows to a DFL-500 NPG-protected private network without using third-party VPN client software.

L2TP combines Windows PPTP functionality with IPSec security. L2TP is supported by most recent versions of Windows.

VPNs protect data passing through the secure tunnel by encrypting it to guarantee confidentiality. In addition, authentication guarantees that the data originated from the claimed sender and was not damaged or altered in transit. When the client computer is connected to the VPN tunnel, it seems to the user that the client computer is directly connected to the internal network.

PPTP and L2TP VPNs are only supported in NAT/Route mode.

This chapter describes:

PPTP VPN configuration
L2TP VPN configuration

PPTP VPN configuration

PPTP clients must be able to authenticate with the DFL-500 NPG to start a PPTP session. To support PPTP authentication, you must add a user group to the DFL-500 NPG configuration. This user group can contain users added to the DFL-500 NPG user database, RADIUS servers, or both.

After you have added a user group, configure your DFL-500 NPG to support PPTP by enabling PPTP and specifying a PPTP address range. The PPTP address range is the range of addresses that must be reserved for remote PPTP clients. When a remote PPTP client connects to the internal network using PPTP, the client computer is assigned an IP address from this range. The PPTP address range can be on any subnet.

Add firewall policies with an external source address to control the access that PPTP clients have through the DFL-500 NPG.

Add the addresses in the PPTP address range to the external interface address list. To make policy configuration easier, you can create an address group for PPTP that contains the IP addresses that can be assigned to PPTP clients from the PPTP address range.

Add addresses to the internal interface address list to control the addresses to which PPTP clients can connect.

You create Ext -> Int policies to control the access that PPTP users have through the DFL-500 NPG.

Set the service for the policy to the traffic type inside the PPTP VPN tunnel. For example, if you want PPTP clients to be able to access a web server, set service to HTTP.

Make sure that your ISP supports PPTP connections.
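
The following Python model is an added example, not part of the D-Link manual or the DFL-500 firmware. It shows how the PPTP address range, the PPTP address group and an Ext -> Int policy together limit what a PPTP client can reach, and it flags policies that are wider than this setup calls for. All addresses, the policy names, the service table and the default-deny behavior are assumptions made for the example.

```python
import ipaddress as ipa
from dataclasses import dataclass

# Constructed sample values; none of them come from the manual.
PPTP_FIRST, PPTP_LAST = ipa.ip_address("192.168.50.10"), ipa.ip_address("192.168.50.20")
PPTP_GROUP = list(ipa.summarize_address_range(PPTP_FIRST, PPTP_LAST))  # external address group
WEB_SERVER = [ipa.ip_network("10.0.1.80/32")]                           # internal address
SERVICES = {"HTTP": ("tcp", 80), "ANY": None}                           # hypothetical service table


@dataclass
class Policy:            # one Ext -> Int policy
    name: str
    src: list            # external addresses (should be the PPTP group)
    dst: list            # internal addresses PPTP clients may reach
    service: str         # traffic type inside the tunnel


def allowed(policies, src, dst, proto, port):
    """True if any policy matches; unmatched traffic is dropped (assumed default deny)."""
    s, d = ipa.ip_address(src), ipa.ip_address(dst)
    for p in policies:
        svc = SERVICES[p.service]
        if (any(s in n for n in p.src) and any(d in n for n in p.dst)
                and svc in (None, (proto, port))):
            return True
    return False


def audit(policies):
    """Return findings for policies wider than the PPTP setup calls for."""
    findings = []
    for p in policies:
        for n in p.src:
            if n.network_address < PPTP_FIRST or n.broadcast_address > PPTP_LAST:
                findings.append(f"{p.name}: source {n} extends beyond the PPTP address range")
        if SERVICES[p.service] is None:
            findings.append(f"{p.name}: service ANY exposes every port on the destination")
    return findings


POLICIES = [Policy("pptp-web", PPTP_GROUP, WEB_SERVER, "HTTP")]
LOOSE = [Policy("pptp-all", [ipa.ip_network("192.168.50.0/24")], WEB_SERVER, "ANY")]

if __name__ == "__main__":
    print(allowed(POLICIES, "192.168.50.12", "10.0.1.80", "tcp", 80))
    print(allowed(POLICIES, "192.168.50.12", "10.0.1.80", "tcp", 22))
    print(audit(LOOSE))
```
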
DFL-500 User Manual