Digi IX10-00G4 User Manual page 369

Virtual Private Networks (VPN)
c. For Zone, select the appropriate firewall zone from the dropdown.
d. Click  again to allow access through additional firewall zones.
6. To add an L2TP access concentrator:
a. Click to expand L2TP access concentrators.
b. For Add L2TP access concentrator, type a name for the LAC and click .
c. LACs are enabled by default. To disable, toggle off Enable.
d. For L2TP network server, type the hostname or IP address of the L2TP network server.
e. (Optional) Type the L2TP network server port to use to connect to the server, if other
than the default of 1701.
f. (Optional) Type the Username to use to log into the server.
g. (Optional) Type the Password to use to log into the server.
h. (Optional) Type the Metric for the tunnel, if other than the default of 1.
i. Select a firewall Zone for the tunnel. This is used by packet filtering rules and access
control lists to restrict network traffic on the tunnel.
j. (Optional): Custom PPP configuration:
i. Enable custom PPP configuration.
ii. Enable Override if the custom configuration should override the default configuration
and only use the custom options.
iii. For Configuration file, paste or type the configuration data in the format of a pppd
options file.
k. For SureLink, see
7. To add an L2TP network server:
a. Click to expand L2TP network servers.
b. For Add L2TP network server, type a name for the LNS and click .
c. LNSs are enabled by default. To disable, toggle off Enable.
d. For L2TP access concentrator, type the IP addressof the L2TP access concentrator that
this server will allow connections from. This can also be:
n
n
e. For Local IP address, type the IP address of the L2TP virtual network interface.
f. For Remote IP address, type the IP address to assign to the remote peer.
g. (Optional) For Authentication method, select one of the following:
n
n
n
n
IX10 User Guide
See Firewall configuration
Configure SureLink active recovery for
A range of IP addresses, using the format x.x.x.x-y.y.y.y, for example 192.168.188.1-
192.168.188.254.
The keyword any, which means that the server will accept connections from any IP
address.
None: No authentication is required.
Automatic: The device will attempt to connect using CHAP first, and then PAP.
CHAP: Uses the Challenge Handshake Authentication Profile (CHAP) to
authenticate.
PAP: Uses the Password Authentication Profile (PAP) to authenticate.
for information about firewall zones.
PPP-over-L2TP.
L2TP
369