Vpn Troubleshooting - D-Link NetDefend DFL-210 User Manual

Network security firewall

9.2.7. VPN Troubleshooting

• An int_net object which is the internal network from which the addresses come.
• An ip_int object which is the internal IP address of the interface connected to the internal network. Let's assume this interface is int.
• An ip_ext object which is the external public address which clients will connect to (let's assume this is on the ext interface).
2. Define a PPTP/L2TP object (let's call it pptp_tunnel) with the following parameters:
• Set Inner IP Address to ip_net.
• Set Tunnel Protocol to PPTP.
• Set Outer Interface Filter to ext.
• Set Outer server IP to ip_ext.
• For Microsoft Point-to-Point Encryption it is recommended to disable all options except 128 bit encryption.
• Set IP Pool to pptp_pool.
• Enable Proxy ARP on the int interface.
• As in L2TP, enable the insertion of new routes automatically into the main routing table.
3. Define a User Authentication Rule. This is almost identical to L2TP:

Agent  Auth Source  Src Network  Interface    Client Source IP
PPP    Local        all-nets     pptp_tunnel  all-nets (0.0.0.0/0)

4. Now set up the IP rules in the IP rule set:

Action  Src Interface  Src Network  Dest Interface  Dest Network  Service
Allow   pptp_tunnel    pptp_pool    any             int_net       All
NAT     pptp_tunnel    pptp_pool    ext             all-nets      All

As described for L2TP, the NAT rule lets the clients access the public Internet via the D-Link Firewall.

5. Set up the client. For Windows XP, the procedure is exactly as described for L2TP above but without entering the pre-shared key.

9.2.7. VPN Troubleshooting

General Troubleshooting

In all types of VPNs some basic troubleshooting checks can be made:
• Check that all IP addresses have been specified correctly.
• Check that all pre-shared keys and usernames/passwords are correctly entered.

Chapter 9. VPN
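One way to automate the "check that all IP addresses have been specified correctly" step for the PPTP address objects used above. This is an added example, not part of the D-Link manual or of NetDefendOS. The function name, the (first, last) representation of pptp_pool and the sample addresses are assumptions, and it reads "the internal network from which the addresses come" as pptp_pool lying inside int_net.

```python
import ipaddress

# RFC 1918 ranges: an ip_ext inside one of these is not a public address.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def check_pptp_addresses(int_net, ip_int, ip_ext, pool):
    """Return a list of problems; an empty list means the plan is consistent.

    pool is a (first, last) pair for pptp_pool (an assumption of this
    example). IPv4 only.
    """
    try:
        net = ipaddress.ip_network(int_net)   # strict: host bits set is an error
        inner = ipaddress.ip_address(ip_int)
        outer = ipaddress.ip_address(ip_ext)
        first, last = (ipaddress.ip_address(a) for a in pool)
    except ValueError as exc:
        return [f"unparseable address: {exc}"]

    problems = []
    if inner not in net:
        problems.append("ip_int is outside int_net")
    if any(outer in n for n in RFC1918):
        problems.append("ip_ext is an RFC 1918 private address")
    if first > last:
        problems.append("pptp_pool range is reversed")
    elif first not in net or last not in net:
        # Proxy ARP on int only makes sense for pool addresses taken from int_net.
        problems.append("pptp_pool is not inside int_net")
    else:
        if first <= inner <= last:
            problems.append("pptp_pool contains ip_int")
        if first == net.network_address or last == net.broadcast_address:
            problems.append("pptp_pool includes the network or broadcast address")
    return problems

if __name__ == "__main__":
    # Constructed sample values, not taken from the manual.
    plan = dict(int_net="192.168.1.0/24", ip_int="192.168.1.1",
                ip_ext="203.0.113.10", pool=("192.168.1.1", "192.168.1.20"))
    for problem in check_pptp_addresses(**plan) or ["no problems found"]:
        print(problem)
```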
