9.4.2. L2TP
7. In the ProxyARP control, select the lan interface.
8. Click OK
To authenticate users connecting through the L2TP tunnel, a user authentication rule needs to be configured.
4. Next, set up the authentication rules:
CLI
gw-world:/> add UserAuthRule AuthSource=Local Interface=l2tp_tunnel OriginatorIP=all-nets LocalUserDB=UserDB agent=PPP TerminatorIP=wan_ip name=L2TP_Auth
Web Interface
1. Go to User Authentication > User Authentication Rules > Add > UserAuthRule
2. Enter a name for the rule e.g. L2TP_Auth
3. Now enter:
• Agent: PPP
• Authentication Source: Local
• Interface: l2tp_tunnel
• Originator IP: all-nets
• Terminator IP: wan_ip
4. Under the Authentication Options tab enter Local User DB: UserDB
5. Click OK
When the other parts are done, all that is left is the rules. To let traffic through from the tunnel, two IP rules should be added.
5. Finally, set up the rules:
CLI
gw-world:/> add IPRule action=Allow Service=all_services SourceInterface=l2tp_tunnel SourceNetwork=l2tp_pool DestinationInterface=any DestinationNetwork=all-nets name=AllowL2TP
gw-world:/> add IPRule action=NAT Service=all_services SourceInterface=l2tp_tunnel SourceNetwork=l2tp_pool DestinationInterface=any DestinationNetwork=all-nets name=NATL2TP
Web Interface
1. Go to Rules > IP Rules > Add > IPRule
2. Enter a name for the rule e.g. AllowL2TP
3. Now enter:
• Action: Allow
• Service: all_services
• Source Interface: l2tp_tunnel
• Source Network: l2tp_pool
• Destination Interface: any
• Destination Network: all-nets
4. Click OK
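A consistency check for steps 4 and 5, added here as an example and not taken from the product or its manual: it parses the CLI commands of this section and reports any rule that is not bound to both the tunnel interface and its address pool. The function names are hypothetical, and the input is assumed to hold only the L2TP-related commands.

```python
import shlex

# Constructed sample: the three CLI commands of this section, prompt included.
SAMPLE = """\
gw-world:/> add UserAuthRule AuthSource=Local Interface=l2tp_tunnel OriginatorIP=all-nets LocalUserDB=UserDB agent=PPP TerminatorIP=wan_ip name=L2TP_Auth
gw-world:/> add IPRule action=Allow Service=all_services SourceInterface=l2tp_tunnel SourceNetwork=l2tp_pool DestinationInterface=any DestinationNetwork=all-nets name=AllowL2TP
gw-world:/> add IPRule action=NAT Service=all_services SourceInterface=l2tp_tunnel SourceNetwork=l2tp_pool DestinationInterface=any DestinationNetwork=all-nets name=NATL2TP
"""

def parse_add_commands(text):
    """Return (object_type, {lowercased key: value}) for every 'add' command."""
    out = []
    for line in text.splitlines():
        line = line.split("/>", 1)[-1].strip()  # drop the 'gw-world:/>' prompt
        tokens = shlex.split(line)
        if len(tokens) < 2 or tokens[0].lower() != "add":
            continue
        props = dict(t.split("=", 1) for t in tokens[2:] if "=" in t)
        # The page writes keys in mixed case (action=, Service=), so normalise.
        out.append((tokens[1], {k.lower(): v for k, v in props.items()}))
    return out

def audit_l2tp(text, tunnel="l2tp_tunnel", pool="l2tp_pool"):
    """List findings where the rules are not tied to the tunnel and its pool."""
    cmds = parse_add_commands(text)
    findings = []
    auth = [p for t, p in cmds
            if t.lower() == "userauthrule" and p.get("interface") == tunnel]
    if not auth:
        findings.append(f"no UserAuthRule on interface {tunnel}")
    for p in auth:
        if p.get("agent", "").upper() != "PPP":
            findings.append(f"{p.get('name')}: agent is not PPP")
    rules = [p for t, p in cmds if t.lower() == "iprule"]
    for p in rules:
        # A rule naming the tunnel without the pool (or the reverse) is too wide.
        if (p.get("sourceinterface") == tunnel) != (p.get("sourcenetwork") == pool):
            findings.append(f"{p.get('name')}: source is not {tunnel}/{pool}")
    actions = {p.get("action", "").lower() for p in rules
               if p.get("sourceinterface") == tunnel}
    for needed in ("allow", "nat"):
        if needed not in actions:
            findings.append(f"missing {needed} IPRule from {tunnel}")
    return findings

if __name__ == "__main__":
    print(audit_l2tp(SAMPLE) or "consistent")
```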
Chapter 9. Virtual Private Networks