VPN
Configuring the L2TP Server
STEP 2
STEP 3
STEP 4
Cisco ISA500 Series Integrated Security Appliance Administrator Guide
Click On to enable L2TP server, or click Off to disable it.
If you enable L2TP, enter the following information:
•
Listen WAN Interface: Choose the WAN interface on which the L2TP server
listens to accept the incoming L2TP VPN connection.
•
User Name: Enter the user name that all L2TP clients use to access the L2TP
server.
•
Password: Enter the password that all L2TP clients use to access the L2TP
server.
All L2TP clients use the same user name and password to log into the
NOTE
L2TP server.
•
MTU: Enter the MTU size in bytes that can be sent over the network (the
range from 128 to 1400 bytes). The default is 1400 bytes.
•
Authentication Method: You can choose either CHAP or PAP, or both to
authenticate to the L2TP clients. Click On to enable CHAP or PAP, or click Off
to disable it.
•
Local Service IP: Enter the IP address of the established PPP link.
•
Address Pool: The L2TP server assigns IP addresses to L2TP clients. Enter
the starting IP address in the Start IP field and the ending IP address in the
End IP field.
•
DNS1 IP: Enter the IP address of the primary DNS server.
•
DNS2 IP: Optionally, enter the IP address of the secondary DNS server.
•
Enable over IPSec: Click On to enable the data encryption over the IPSec
VPN tunnel, or click Off to disable it.
•
Preshare Key: The data encryption over the IPSec VPN tunnel uses a pre-
shared key for authentication. If you enable Enable over IPSec, enter the
desired value, which the L2TP clients must provide to establish a connection.
The pre-shared key must be entered exactly the same here and on the L2TP
clients.
Click Save to apply your settings.
8
267