D-Link DFL-800-AV-12 User Manual - Page 235
9.2.4. L2TP Roaming Clients with Pre-Shared Keys
Chapter 9. VPN

3. Define a Pre-shared Key for the IPsec tunnel.

4. Define an IPsec Tunnel object (let's call this object ipsec_tunnel) with the following parameters:

   • Set Local Network to ip_ext (specify all-nets instead if NetDefendOS is behind a NATing device).
   • Set Remote Network to all-nets.
   • Set Remote Gateway to none.
   • For Authentication select the Pre-shared Key object defined in the first step.
   • Set Encapsulation Mode to Transport.
   • Select the IKE and IPsec proposal lists to be used.
   • Enable the routing option Dynamically add route to the remote network when tunnel established.

5. Define a PPTP/L2TP Server object (let's call this object l2tp_tunnel) with the following parameters:

   • Set Inner IP Address to ip_int.
   • Set Tunnel Protocol to L2TP.
   • Set Outer Interface Filter to ipsec_tunnel.
   • Set Outer Server IP to ip_ext.
   • Select the Microsoft Point-to-Point Encryption allowed. Since IPsec encryption is used, this can be set to None only; otherwise double encryption will degrade throughput.
   • Set IP Pool to l2tp_pool.
   • Enable Proxy ARP on the int interface to which the internal network is connected.
   • Make the interface a member of a specific routing table so that routes are automatically added to that table. Normally the main table is selected.

6. For user authentication:

   • Define a Local User DB object (let's call this object TrustedUsers).
   • Add individual users to TrustedUsers. This should consist of at least a username and password combination. The Group string for a user can also be specified. This is explained in the same step in the IPsec Roaming Clients section above.
   • Define a User Authentication Rule:

     Agent   Auth Source   Src Network   Interface     Client Source IP
     PPP     Local         all-nets      l2tp_tunnel   all-nets (0.0.0.0/0)

7. To allow traffic through the L2TP tunnel the following rules should be defined in the IP rule set:
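The objects in steps 3 to 6 depend on each other: setting MPPE to None is only safe because the L2TP server accepts connections solely through the IPsec tunnel, and the authentication rule only applies if it is bound to the L2TP interface. The following is an added example, not part of the manual and not NetDefendOS code, that checks those cross-references. The dict layout, key names, the PSK name l2tp_psk, the user alice and the interface wan are assumptions made for illustration.

```python
import copy
# Constructed sample: a hypothetical dict model of the objects from steps 3-6,
# not a NetDefendOS export format.
GOOD = {
    "ipsec_tunnels": {"ipsec_tunnel": {
        "local_network": "ip_ext", "remote_network": "all-nets",
        "remote_gateway": "none", "psk": "l2tp_psk", "encapsulation": "Transport"}},
    "l2tp_servers": {"l2tp_tunnel": {
        "tunnel_protocol": "L2TP", "outer_interface_filter": "ipsec_tunnel",
        "outer_server_ip": "ip_ext", "mppe": ["None"], "ip_pool": "l2tp_pool"}},
    "local_user_dbs": {"TrustedUsers": ["alice"]},
    "auth_rules": [{"agent": "PPP", "auth_source": "Local", "interface": "l2tp_tunnel",
                    "src_network": "all-nets", "local_db": "TrustedUsers"}],
}

def audit_l2tp_over_ipsec(cfg):
    """Return findings where the objects do not fit together as the steps require."""
    out = []
    for name, srv in cfg["l2tp_servers"].items():
        outer = cfg["ipsec_tunnels"].get(srv.get("outer_interface_filter"))
        mppe_none_only = set(srv.get("mppe", [])) == {"None"}
        if outer is None:
            out.append(f"{name}: outer interface filter is not an IPsec tunnel")
            if mppe_none_only:  # nothing encrypts the PPP session at all
                out.append(f"{name}: MPPE None without IPsec leaves traffic in cleartext")
        else:
            if outer.get("encapsulation") != "Transport":
                out.append(f"{name}: IPsec encapsulation mode is not Transport")
            if not outer.get("psk"):
                out.append(f"{name}: IPsec tunnel has no pre-shared key")
            if not mppe_none_only:
                out.append(f"{name}: MPPE on top of IPsec double-encrypts (throughput)")
        rules = [r for r in cfg["auth_rules"]
                 if r.get("interface") == name and r.get("agent") == "PPP"]
        if not rules:
            out.append(f"{name}: no PPP user authentication rule on this interface")
        for r in rules:
            if r.get("auth_source") == "Local" and not cfg["local_user_dbs"].get(r.get("local_db")):
                out.append(f"{name}: auth rule points at a missing or empty local user DB")
    return out

def broken_copy():
    """Constructed misconfiguration: L2TP bound to a plain interface, no auth rule."""
    bad = copy.deepcopy(GOOD)
    bad["l2tp_servers"]["l2tp_tunnel"]["outer_interface_filter"] = "wan"
    bad["auth_rules"] = []
    return bad

if __name__ == "__main__":
    print(audit_l2tp_over_ipsec(GOOD), audit_l2tp_over_ipsec(broken_copy()), sep="\n")
```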