D-Link DFL-1600 User Manual page 255
Network security firewall
Hide thumbs
Also See for DFL-1600:
- Quick manual (22 pages) ,
- User manual (552 pages) ,
- Log reference manual (476 pages)
Table of Contents
Advertisement
22.2. PPTP/ L2TP
235
IP Header UDP Header L2TP Header
PPP
Payload
PPP Frame
Table 22.2: L2TP Encapsulation.
L2TP encryption
L2TP calls for MPPE for encryption.
L2TP/IPsec
The authentication methods addressed by PPTP and L2TP mainly rely on
the user's password, and the encryption to the tunneling data is not
initially designed for these protocols. Thus, PPTP and L2TP are NOT
resistant to many common attacks, e.g. Man-in-the-middle, Replay,
Spoofing, Dictionary, and Dos attacks.
L2TP and IPsec can work together to benefit from both flexibility and
stronger security. By encapsulating L2TP as payload into an IPsec packet,
connections can be protected by sound encryption and authentication. This
combination is called L2TP/IPsec.
Example:
Configuring L2TP/IPsec Server (PSK)
This example describes how to set up a L2TP server with IPsec, using
pre-shared keys. The LAN network is a 192.168.1.0/24 network, and
10.0.0.0/24 is the network on the WAN interface. L2TP clients will connect
to the L2TP/IPsec server on 10.0.0.1 on the WAN interface, in order to
access resources on the LAN interface.
D-Link Firewalls User's Guide
Advertisement
Table of Contents
