D-Link DFL-860 Product Manual - Page 428
RemoteNetwork=all-nets IKEAlgorithms=Medium, DHCPOverIPsec=Yes AddRouteToRemoteNet=Yes
UPC - 790069900204
View all D-Link DFL-860 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 428 highlights
9.5.2. L2TP Servers Chapter 9. VPN 2. Enter a suitable name for the user database, for example UserDB 3. Go to User Authentication > Local User Databases > UserDB > Add > User 4. Now enter: • Username: testuser • Password: mypassword • Confirm Password: mypassword 5. Click OK Now we will setup the IPsec Tunnel, which will later be used in the L2TP section. As we are going to use L2TP, the Local Network is the same IP as the IP that the L2TP tunnel will connect to, wan_ip. Furthermore, the IPsec tunnel needs to be configured to dynamically add routes to the remote network when the tunnel is established. B. Continue setting up the IPsec Tunnel: Command-Line Interface gw-world:/> add Interface IPsecTunnel l2tp_ipsec LocalNetwork=wan_ip RemoteNetwork=all-nets IKEAlgorithms=Medium IPsecAlgorithms=esp-l2tptunnel PSK=MyPSK EncapsulationMode=Transport DHCPOverIPsec=Yes AddRouteToRemoteNet=Yes IPsecLifeTimeKilobytes=250000 IPsecLifeTimeSeconds=3600 Web Interface 1. Go to Interfaces > IPsec > Add > IPsec Tunnel 2. Enter a name for the IPsec tunnel, for example l2tp_ipsec 3. Now enter: a. Local Network: wan_ip b. Remote Network: all-nets c. Remote Endpoint: none d. Encapsulation Mode: Transport e. IKE Algorithms: High f. IPsec Algorithms: esp-l2tptunnel 4. Enter 3600 in the IPsec Life Time seconds control 5. Enter 250000 in the IPsec Life Time kilobytes control 6. Under the Authentication tab, select Pre-shared Key 7. Select MyPSK in the Pre-shared Key control 8. Under the Routing tab, check the following controls: • Allow DHCP over IPsec from single-host clients • Dynamically add route to the remote network when a tunnel is established 9. Click OK Now it is time to setup the L2TP Server. The inner IP address should be a part of the network which the clients are assigned IP addresses from, in this lan_ip. The outer interface filter is the interface that the L2TP server will accept connections on, this will be the earlier created l2tp_ipsec. ProxyARP also needs to be configured for the IPs used by the L2TP Clients. C. Setup the L2TP Tunnel: Command-Line Interface 428