D-Link DFL-260E User Manual for DFL-260E - Page 464
9.5.4. PPTP/L2TP Clients
Chapter 9. VPN

Names of Assigned Addresses

Both PPTP and L2TP utilize dynamic IP configuration using the PPP LCP protocol. When NetDefendOS receives this information, it is stored in symbolic host/network names. The settings for this are:

• Inner IP Address - The host name that is used for storing the assigned IP address. If this network object exists and has a value which is not 0.0.0.0 then the PPTP/L2TP client will try to get that address from the PPTP/L2TP server as the preferred IP.
• Automatically pick name - If this option is enabled then NetDefendOS will create a host name based on the name of the PPTP/L2TP interface, for example ip_PPTPTunnel1.
• Primary/Secondary DNS Name - This defines the DNS servers from a list of predefined network objects.

Note: The default PPTP/L2TP route

A PPTP/L2TP server will not provide information such as gateway or broadcast addresses, as this is not used with PPTP/L2TP tunnels. When using PPTP/L2TP, the default route is normally routed directly across the PPTP/L2TP tunnel without a specified gateway.

Authentication

• Username - Specifies the username to use for this PPTP/L2TP interface.
• Password - Specifies the password for the interface.
• Authentication - Specifies which authentication protocol to use.
• MPPE - Specifies if Microsoft Point-to-Point Encryption is used and which level to use.

If Dial On Demand is enabled then the PPTP/L2TP tunnel will not be set up until traffic is sent on the interface. The parameters for this option are:

• Activity Sense - Specifies if dial-on-demand should trigger on Send or Recv or both.
• Idle Timeout - The time of inactivity in seconds to wait before disconnection.

Using the PPTP Client Feature

One usage of the PPTP client feature is shown in the scenario depicted below. Here a number of clients are being NATed through NetDefendOS before being connected to a PPTP server on the other side of the NetDefend Firewall.

If more than one of the clients is acting as a PPTP client which is trying to connect to the PPTP server then this will not work because of the NATing. The only way of achieving multiple PPTP clients being NATed like this is for the NetDefend Firewall to act as a PPTP client when it connects to the PPTP server. To summarize the setup:

• A PPTP tunnel is defined between NetDefendOS and the server.
• A route is added to the routing table in NetDefendOS which specifies that traffic for the server should be routed through the PPTP tunnel.
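The following is an added example, not taken from the D-Link manual or from NetDefendOS. The manual does not say why the NATed setup fails; this sketch assumes the usual cause, that PPTP's GRE data channel has no port numbers, and models a hypothetical port-translating NAT (`PortNat`) to show the difference between the two setups. All addresses and names are constructed.

```python
# Simplified model of a port-translating NAT (an assumption for illustration,
# not NetDefendOS code). PPTP control uses TCP port 1723; PPTP data is carried
# in GRE (IP protocol 47), which has no port numbers for the NAT to rewrite.
TCP, GRE = 6, 47
SERVER = "203.0.113.10"                    # constructed addresses
CLIENTS = ["192.168.1.11", "192.168.1.12"]


class PortNat:
    def __init__(self):
        self.next_port = 40000
        self.reverse = {}  # return-traffic key -> set of inside hosts

    def open_flow(self, proto, inside_ip, server_ip, server_port=None):
        """Record an outgoing flow; return the key its replies will carry."""
        if proto == TCP:
            # Each TCP connection gets its own translated source port.
            key = (proto, server_ip, server_port, self.next_port)
            self.next_port += 1
        else:
            # No ports: replies are identified only by protocol and peer.
            key = (proto, server_ip)
        self.reverse.setdefault(key, set()).add(inside_ip)
        return key

    def deliver(self, key):
        """Inside host for a reply, or None when the NAT cannot tell."""
        hosts = self.reverse.get(key, set())
        return next(iter(hosts)) if len(hosts) == 1 else None


def clients_behind_nat():
    """Each inside client runs its own PPTP session through the NAT."""
    nat = PortNat()
    ctrl = [nat.open_flow(TCP, c, SERVER, 1723) for c in CLIENTS]
    data = [nat.open_flow(GRE, c, SERVER) for c in CLIENTS]
    return [nat.deliver(k) for k in ctrl], [nat.deliver(k) for k in data]


def firewall_as_client():
    """The firewall is the only tunnel endpoint, so there is one GRE flow;
    client traffic is routed into that tunnel instead of opening its own."""
    nat = PortNat()
    nat.open_flow(TCP, "firewall", SERVER, 1723)
    return nat.deliver(nat.open_flow(GRE, "firewall", SERVER))


if __name__ == "__main__":
    print(clients_behind_nat())
    print(firewall_as_client())
```

In this model the TCP control replies reach the right client, while the GRE replies for two clients are indistinguishable; with the firewall as the single PPTP client there is nothing to disambiguate.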