D-Link NetDefendOS User Manual page 745

• Local Network: If3_net
• Outer Interface Filter: my_ipsec_tunnel
• Server IP: If2_ip
3. Click OK
B. Next, enable transparent mode on the protected interface If3:
1. Go to: Network > Interfaces and VPN > Ethernet
2. Select the If3 interface
3. Select the option Enable transparent mode
4. Click OK
Setup With VLANs
The NetDefendOS L2TPv3 server can handle VLAN tagged Ethernet frames so that a protected
internal network can be accessed by external clients over VLAN connections.
To do this with NetDefendOS, a pair of VLANs need to be configured, both with the same VLAN
ID as the ID used by the clients. One VLAN is configured on the local, protected Ethernet
interface. The other VLAN is configured on the L2TPv3 server interface. Both of these VLANs must
have transparent mode enabled. In addition, a new routing table must be defined for each pair
and each VLAN in the pair is made a member of that table.
Here is a summary of the setup steps for VLAN:
A. Define an L2TPv3 server interface object as described previously but do not enable
transparent mode on the protected Ethernet interface.
B. Set up a NetDefendOS VLAN interface object with the following properties:
i. The VLAN ID is the same as the VLAN ID of packets sent by clients.
ii. The interface is the protected Ethernet interface.
iii. The network is the same as the protected local network.
iv. The IPv4 address for the VLAN is any arbitrary IP from the protected local network.
v. Transparent mode for this VLAN is enabled.
C. Set up a second VLAN interface object with the following properties:
i. The VLAN ID is the same as the previous VLAN and the same as the ID of packets sent by
clients.
ii. The interface is the L2TPv3 Server object defined previously.
iii. The network is the same as the protected local network.
iv. The IPv4 address for the VLAN is any arbitrary IP from the protected local network but
different from the previous VLAN.
745
Chapter 9: VPN