ZyXEL Communications ZYWALL - CLI Reference Manual page 158

Chapter 18 L2TP VPN
• For the Remote Policy, create an address object that uses host type and an IP address of
0.0.0.0. It is named L2TP_HOST in this example.
Router(config)# crypto map Default_L2TP_VPN_Connection
Router(config-crypto Default_L2TP_VPN_Connection)# policy-enforcement
Router(config-crypto Default_L2TP_VPN_Connection)# local-policy L2TP_IFACE
Router(config-crypto Default_L2TP_VPN_Connection)# remote-policy L2TP_HOST
Router(config-crypto Default_L2TP_VPN_Connection)# activate
Router(config-crypto Default_L2TP_VPN_Connection)# exit
Router(config)#
18.5.3 Configuring the L2TP VPN Settings Example
The following commands configure and display the L2TP VPN settings.
• Set it to use the Default_L2TP_VPN_Connection VPN connection.
• Configure an IP address pool for the range of 192.168.10.10 to 192.168.10.20. In this
example it is already created and called L2TP_POOL.
• This example uses the default authentication method (the ZyWALL's local user database).
• Select a user or group of users that can use the tunnel. Here a user account named
L2TP-test has been created.
• The other settings are left to the defaults in this example.
• Enable the connection.
Router(config)# l2tp-over-ipsec crypto Default_L2TP_VPN_Connection
Router(config)# l2tp-over-ipsec pool L2TP_POOL
Router(config)# l2tp-over-ipsec authentication default
Router(config)# l2tp-over-ipsec user L2TP-test
Router(config)# l2tp-over-ipsec activate
Router(config)# show l2tp-over-ipsec
L2TP over IPSec:
activate          : yes
crypto            : Default_L2TP_VPN_Connection
address pool      : L2TP_POOL
authentication    : default
user              : L2TP-test
keepalive timer   : 60
first dns server  : aux 1st-dns
second dns server : aux 1st-dns
first wins server :
second wins server:
18.5.4 Configuring the Policy Route for L2TP Example
The following commands configure and display the policy route for the L2TP VPN
connection entry.
• Set the policy route's Source Address to the address object that you want to allow the
remote users to access (LAN_SUBNET in this example).
• Set the Destination Address to the IP address pool that the ZyWALL assigns to the
remote users (L2TP_POOL in this example).
• Set the next hop to be the Default_L2TP_VPN_Connection tunnel.
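The following Python is an added example, not part of the ZyXEL manual: it parses the show l2tp-over-ipsec output from section 18.5.3 and reports every field that differs from the intended settings, so a change to the bound VPN connection, address pool, authentication method or permitted user is caught. The function names and the BASELINE dictionary are assumptions, and the sample text is constructed from the values shown in that section.

```python
# Added example: audit `show l2tp-over-ipsec` output against a baseline.
# SAMPLE_OUTPUT is constructed from the values shown in section 18.5.3.
SAMPLE_OUTPUT = """\
Router(config)# show l2tp-over-ipsec
L2TP over IPSec:
activate          : yes
crypto            : Default_L2TP_VPN_Connection
address pool      : L2TP_POOL
authentication    : default
user              : L2TP-test
keepalive timer   : 60
first dns server  : aux 1st-dns
second dns server : aux 1st-dns
first wins server :
second wins server:
"""

# Intended settings, taken from the example in section 18.5.3 (assumed baseline).
BASELINE = {
    "activate": "yes",
    "crypto": "Default_L2TP_VPN_Connection",
    "address pool": "L2TP_POOL",
    "authentication": "default",
    "user": "L2TP-test",
}


def parse_l2tp_settings(text):
    """Return {label: value} from the 'label : value' lines of the output."""
    settings = {}
    for line in text.splitlines():
        if ":" not in line:
            continue  # echoed prompt line or blank line
        label, _, value = line.partition(":")
        label, value = label.strip(), value.strip()
        if label == "L2TP over IPSec" and not value:
            continue  # section header, not a setting
        settings[label] = value  # unset fields are kept as ""
    return settings


def audit_l2tp(text, baseline=BASELINE):
    """Return (field, expected, actual) for each drifted field; None = missing."""
    actual = parse_l2tp_settings(text)
    return [(field, want, actual.get(field))
            for field, want in baseline.items() if actual.get(field) != want]
```

An empty list from audit_l2tp means the captured output matches the baseline; a None in the third position means the field was absent from the output altogether.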
ZyWALL (ZLD) CLI Reference Guide
