D-Link NetDefend DFL-210 User Manual page 367

Network security firewall

9.5.2. L2TP Servers
2. Enter a name for the L2TP tunnel, for example l2tp_tunnel
3. Now enter:
   Inner IP Address: lan_ip
   Tunnel Protocol: L2TP
   Outer Interface Filter: l2tp_ipsec
   Server IP: wan_ip
4. Under the PPP Parameters tab, check the Use User Authentication Rules control
5. Select l2tp_pool in the IP Pool control
6. Under the Add Route tab, select all-nets in the Allowed Networks control
7. In the ProxyARP control, select the lan interface
8. Click OK
In order to authenticate the users using the L2TP tunnel, a user authentication rule needs to be configured.
D. Next, set up the authentication rules:
CLI
gw-world:/> add UserAuthRule AuthSource=Local Interface=l2tp_tunnel
    OriginatorIP=all-nets LocalUserDB=UserDB agent=PPP TerminatorIP=wan_ip
    name=L2TP_Auth
Web Interface
1. Go to User Authentication > User Authentication Rules > Add > UserAuthRule
2. Enter a suitable name for the rule, for example L2TP_Auth
3. Now enter:
   Agent: PPP
   Authentication Source: Local
   Interface: l2tp_tunnel
   Originator IP: all-nets
   Terminator IP: wan_ip
4. Under the Authentication Options tab enter UserDB as the Local User DB
5. Click OK
With the other parts done, all that is left is the IP rules. To let traffic through from the tunnel, two IP rules should be added.
E. Finally, set up the rules:
CLI
First, change the current category to be the main IP rule set:
gw-world:/> cc IPRuleSet main
Now, add the IP rules:
gw-world:/main> add IPRule action=Allow Service=all_services
    SourceInterface=l2tp_tunnel SourceNetwork=l2tp_pool
    DestinationInterface=any DestinationNetwork=all-nets name=AllowL2TP
gw-world:/main> add IPRule action=NAT Service=all_services
    SourceInterface=l2tp_tunnel SourceNetwork=l2tp_pool
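
An added example, not part of the D-Link manual: a small Python review check that parses commands in the syntax shown on this page, confirms that the tunnel interface has a PPP user authentication rule, and reports IP rules from the tunnel that pass all_services to all-nets. The parsing rules, the function names and the tunnel parameter are assumptions made for illustration; this is not a NetDefendOS tool.

```python
# Constructed sample: the complete commands shown on this page, continuation
# lines indented. The NAT rule is omitted because the page shows only part of it.
SAMPLE = """\
gw-world:/> add UserAuthRule AuthSource=Local Interface=l2tp_tunnel
    OriginatorIP=all-nets LocalUserDB=UserDB agent=PPP TerminatorIP=wan_ip
    name=L2TP_Auth
gw-world:/> cc IPRuleSet main
gw-world:/main> add IPRule action=Allow Service=all_services
    SourceInterface=l2tp_tunnel SourceNetwork=l2tp_pool
    DestinationInterface=any DestinationNetwork=all-nets name=AllowL2TP
"""

def parse(text):
    """Return [(object_type, {lowercased_key: value})] for each 'add' command."""
    commands = []
    for line in text.splitlines():
        if line.startswith("gw-world:"):       # a prompt starts a new command
            commands.append(line.split(">", 1)[1].split())
        elif line.strip() and commands:        # anything else continues the last one
            commands[-1].extend(line.split())
    objects = []
    for tokens in commands:
        if len(tokens) >= 2 and tokens[0] == "add":
            pairs = (t.split("=", 1) for t in tokens[2:] if "=" in t)
            # The page mixes key case (action=, Service=, agent=), so fold it.
            objects.append((tokens[1], {k.lower(): v for k, v in pairs}))
    return objects

def review(text, tunnel="l2tp_tunnel"):
    """Hypothetical reviewer checks for one tunnel interface; returns findings."""
    objects = parse(text)
    findings = []
    has_auth = any(kind == "UserAuthRule" and p.get("interface") == tunnel
                   and p.get("agent", "").lower() == "ppp" for kind, p in objects)
    if not has_auth:
        findings.append(f"{tunnel}: no UserAuthRule with agent=PPP on this interface")
    for kind, p in objects:
        if kind == "IPRule" and p.get("sourceinterface") == tunnel:
            if p.get("service") == "all_services" and p.get("destinationnetwork") == "all-nets":
                findings.append(f"{p.get('name', '?')}: {p.get('action')} passes "
                                "all_services to all-nets; confirm this scope is intended")
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE):
        print(finding)
```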
Chapter 9. VPN
