D-Link DFL-800-AV-12 User Manual - Page 237
VPN Troubleshooting, PPTP/L2TP, Inner IP Address, Tunnel Protocol, Outer Interface Filter
Chapter 9. VPN

• An int_net object, which is the internal network from which the addresses come.
• An ip_int object, which is the internal IP address of the interface connected to the internal network. Let's assume this interface is int.
• An ip_ext object, which is the external public address which clients will connect to (let's assume this is on the ext interface).

2. Define a PPTP/L2TP object (let's call it pptp_tunnel) with the following parameters:

• Set Inner IP Address to ip_net.
• Set Tunnel Protocol to PPTP.
• Set Outer Interface Filter to ext.
• Set Outer server IP to ip_ext.
• For Microsoft Point-to-Point Encryption it is recommended to disable all options except 128 bit encryption.
• Set IP Pool to pptp_pool.
• Enable Proxy ARP on the int interface.
• As in L2TP, enable the insertion of new routes automatically into the main routing table.

3. Define a User Authentication Rule. This is almost identical to L2TP:

Agent  Auth Source  Src Network  Interface    Client Source IP
PPP    Local        all-nets     pptp_tunnel  all-nets (0.0.0.0/0)

4. Now set up the IP rules in the IP rule set:

Action  Src Interface  Src Network  Dest Interface  Dest Network  Service
Allow   pptp_tunnel    pptp_pool    any             int_net       All
NAT     pptp_tunnel    pptp_pool    ext             all-nets      All

As described for L2TP, the NAT rule lets the clients access the public Internet via the D-Link Firewall.

5. Set up the client. For Windows XP, the procedure is exactly as described for L2TP above but without entering the pre-shared key.

9.2.7. VPN Troubleshooting

General Troubleshooting

In all types of VPNs some basic troubleshooting checks can be made:

• Check that all IP addresses have been specified correctly.
• Check that all pre-shared keys and usernames/passwords are correctly entered.
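The two IP rules from step 4, traced against sample traffic to show which flows they permit. This is an added example, not taken from the D-Link manual; the addresses, the simplified route lookup, and the first-match evaluation with a default drop are assumptions made for illustration.

```python
import ipaddress

# Constructed sample addressing: the manual gives only the object names.
OBJECTS = {
    "int_net": ipaddress.ip_network("192.168.1.0/24"),
    # The pool is carved out of int_net, which is why Proxy ARP is enabled on int.
    "pptp_pool": ipaddress.ip_network("192.168.1.200/29"),
    "all-nets": ipaddress.ip_network("0.0.0.0/0"),
}

# The two rules from step 4: (action, src_if, src_net, dest_if, dest_net).
RULES = [
    ("Allow", "pptp_tunnel", "pptp_pool", "any", "int_net"),
    ("NAT", "pptp_tunnel", "pptp_pool", "ext", "all-nets"),
]


def dest_interface(dst):
    """Simplified route lookup (assumption): int_net is behind int, the rest behind ext."""
    return "int" if dst in OBJECTS["int_net"] else "ext"


def evaluate(src_if, src_ip, dst_ip, rules=RULES):
    """Return the action of the first matching rule, or 'Drop' if none matches."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    out_if = dest_interface(dst)
    for action, r_src_if, r_src_net, r_dst_if, r_dst_net in rules:
        if (r_src_if == src_if
                and src in OBJECTS[r_src_net]
                and r_dst_if in ("any", out_if)
                and dst in OBJECTS[r_dst_net]):
            return action
    return "Drop"


if __name__ == "__main__":
    # Constructed flows: (arriving interface, source, destination).
    flows = [
        ("pptp_tunnel", "192.168.1.201", "192.168.1.10"),   # client to internal host
        ("pptp_tunnel", "192.168.1.201", "198.51.100.7"),   # client to Internet
        ("pptp_tunnel", "192.168.1.50", "198.51.100.7"),    # source outside pptp_pool
        ("ext", "198.51.100.7", "192.168.1.10"),            # unsolicited from outside
    ]
    for flow in flows:
        print(flow, "->", evaluate(*flow))
```

A tunnel client whose assigned address falls outside pptp_pool matches neither rule, which ties back to the first troubleshooting check on IP addresses.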