• Agent: PPP
• Authentication Source: Local
• Interface: l2tp_tunnel
• Originator IP: all-nets
• Terminator IP: wan_ip
4. Under the Authentication Options tab enter UserDB as the Local User DB
5. Click OK
When the other parts are done, all that is left is the IP rules. To let traffic through from the tunnel, two IP rules should be added.
E. Finally, set up the rules:
Command-Line Interface
gw-world:/> add IPRule action=Allow
        Service=all_services
        SourceInterface=l2tp_tunnel
        SourceNetwork=l2tp_pool
        DestinationInterface=lan
        DestinationNetwork=lannet
        name=AllowL2TP
gw-world:/main> add IPRule action=NAT
        Service=all_services
        SourceInterface=l2tp_tunnel
        SourceNetwork=l2tp_pool
        DestinationInterface=wan
        DestinationNetwork=all-nets
        name=NATL2TP
Web Interface
1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2. Enter a name for the rule, for example AllowL2TP
3. Now enter:
• Action: Allow
• Service: all_services
• Source Interface: l2tp_tunnel
• Source Network: l2tp_pool
• Destination Interface: lan
• Destination Network: lannet
4. Click OK
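The following is an added example, not part of the original guide or the product's own code: a small Python model of the AllowL2TP and NATL2TP rules that shows which tunnel traffic each rule handles and what falls through. The address values for l2tp_pool, lannet and wan_ip are constructed, and top-down first-match evaluation, dropping of unmatched traffic and NAT to wan_ip are assumptions of the model.

```python
import ipaddress
from dataclasses import dataclass

# Constructed address values; the guide names these objects but gives no values.
NETS = {
    "l2tp_pool": ipaddress.ip_network("192.168.100.0/24"),
    "lannet": ipaddress.ip_network("192.168.1.0/24"),
    "all-nets": ipaddress.ip_network("0.0.0.0/0"),
}
WAN_IP = "203.0.113.10"  # constructed stand-in for wan_ip

@dataclass(frozen=True)
class Rule:
    name: str
    action: str
    src_if: str
    src_net: str
    dst_if: str
    dst_net: str

# The two rules from step E, in the order they are added.
# Service=all_services matches any service, so it is not modelled as a filter.
RULES = [
    Rule("AllowL2TP", "Allow", "l2tp_tunnel", "l2tp_pool", "lan", "lannet"),
    Rule("NATL2TP", "NAT", "l2tp_tunnel", "l2tp_pool", "wan", "all-nets"),
]

def evaluate(src_if, src_ip, dst_if, dst_ip, rules=RULES):
    """Return (rule name, action, source address as seen by the destination)."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for r in rules:  # assumption: top-down evaluation, first match wins
        if (r.src_if == src_if and r.dst_if == dst_if
                and src in NETS[r.src_net] and dst in NETS[r.dst_net]):
            # assumption: the NAT rule rewrites the source address to wan_ip
            seen = WAN_IP if r.action == "NAT" else src_ip
            return r.name, r.action, seen
    return None, "Drop", None  # assumption: unmatched traffic is dropped

if __name__ == "__main__":
    flows = [  # constructed sample flows
        ("l2tp_tunnel", "192.168.100.5", "lan", "192.168.1.20"),  # client to LAN host
        ("l2tp_tunnel", "192.168.100.5", "wan", "198.51.100.7"),  # client to Internet
        ("l2tp_tunnel", "10.9.9.9", "lan", "192.168.1.20"),       # source outside l2tp_pool
        ("lan", "192.168.1.20", "wan", "198.51.100.7"),           # not from the tunnel
    ]
    for f in flows:
        print(f, "->", evaluate(*f))
```

The last two flows match neither rule: the SourceNetwork=l2tp_pool and SourceInterface=l2tp_tunnel filters restrict both rules to addresses handed out to tunnel clients arriving over the tunnel.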
Chapter 9: VPN