Setting Up An L2Tp Tunnel - D-Link NetDefend DFL-210 User Manual

Network security firewall ver. 1.05
Hide thumbs Also See for NetDefend DFL-210:
Table of Contents

Advertisement

9.4.2. L2TP
2.
Enter a suitable name for the L2TP Server, for instance MyL2TPServer.
3.
Now enter:
Inner IP Address: ip_l2tp
Tunnel Protocol: L2TP
Outer Interface Filter: l2tp_ipsec
Outer Server IP: wan_ip
4.
Under the PPP Parameters tab, select L2TP_Pool in the IP Pool control.
5.
Under the Add Route tab, select all_nets in the Allowed Networks control.
6.
Click OK.
Use User Authentication Rules is enabled as default. To be able to authenticate the users using the PPTP tun-
nel you also need to configure authentication rules, which is not covered in this example.
Example 9.10. Setting up an L2TP Tunnel
This example shows how to setup a fully working L2TP Tunnel and will cover many parts of basic VPN configura-
tion. Before starting, you need to configure some address objects, e.g. the network that is going to be assigned to
the L2TP clients. Proposal lists and PSK are needed as well. Here we will use the objects created in previous ex-
amples.
To be able to authenticate the users using the L2TP tunnel a local user database will be used.
1. Start with preparing a new Local User Database:
CLI
gw-world:/> add LocalUserDatabase UserDB
gw-world:/> cc LocalUserDatabase UserDB
gw-world:/UserDB> add User testuser Password=mypassword
Web Interface
1.
Go to User Authentication > Local User Databases > Add > Local User Database
2.
Enter a suitable for the user database, for instance UserDB
3.
Go to User Authentication > Local User Databases > UserDB > Add > User
4.
Now enter:
Username: testuser
Password: mypassword
Confirm Password: mypassword
5.
Click OK.
Now we will setup the IPsec Tunnel, which will later be used in the L2TP section. As we are going to use L2TP,
the Local Network is the same IP the L2TP tunnel will connect to, wan_ip. Furthermore, the IPsec tunnel needs to
be configured to dynamically add routes to the remote network when the tunnel is established.
2. Continue setting up the IPsec Tunnel:
CLI
gw-world:/> add Interface IPsecTunnel l2tp_ipsec LocalNetwork=wan_ip
RemoteNetwork=all-nets IKEAlgorithms=ike-roamingclients
Chapter 9. Virtual Private Networks
204

Advertisement

Table of Contents
loading

Table of Contents