ZyXEL SBG3300-NB00 User Guide - Page 305
Setup, IP Address Pool, L2TP VPN, Encryption, Authentication, Default_L2TPVPN
View all ZyXEL SBG3300-NB00 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 305 highlights
Chapter 22 L2TP VPN 4 An L2TP client is disconnected unexpectedly. Tip: An L2TP connection will be dropped when one of the followings occurs on the Device: (1) Client has no activity for a period of time. (2) Client loses connectivity to the Device for a period of time. (3) Any IPSec VPN configuration change is applied on the Device. (4) Either Default_L2TPVPN IPSec configuration or L2TP VPN is disabled on the Device. (5) When any one of these configuration changes is applied on the Device: WAN Interface used for L2TP VPN, IP Address Pool, Access Group. (6) The Device WAN interface on which the L2TP connection established is disconnected. 5 An L2TP client is connected successfully but cannot access the local host or server behind the Device. Tip: This may be caused by one of the followings: (1) The local host or server is disconnected. (2) The Access Group is not configured correctly. From the Device's GUI, go to the VPN > L2TP VPN > Setup screen to check. Note that all local hosts are by default accessible unless Access Group is configured. (3) IP Address Pool for L2TP VPN is conflicting with any WAN, LAN, DMZ, WLAN, or PPTP VPN subnet configured on the Device. Note that IP Address Pool for L2TP VPN has 24-bit netmask and should not conflict with any others listed above even if they are not in use. 6 An L2TP client is connected successfully but cannot browse Internet. Tip: From the Device's GUI, click VPN > L2TP VPN > Setup. Check if DNS Server is configured. A client cannot browse Internet without DNS resolved. Note that when a new DNS Server is configured, the client must disconnect then reconnect in order for the new DNS Server to take effect. 7 The L2TP client can no longer connect to SBG3300 after the Encryption or Authentication for the Default_L2TPVPN IPSec VPN rule is changed. Tip: A user usually do not need change the default Encryption or Authentication algorithms in the Default_L2TPVPN IPSec VPN rule. The default Encryption and Authentication algorithms should support the built-in L2TP/IPSec client software in the popular operating systems (Windows (XP, Vista, 7), Android, and iOS). Refer to Table 91 on page 286 for the default setting of the Default_L2TPVPN IPSec VPN rule. As a reference, Table 103 on page 306 lists the IPSec proposals provided by a built-in L2TP client in the popular operating systems during IPSec phase 1 negotiation. The first proposal that can be supported by the phase 1 setting in the Default_L2TPVPN IPSec VPN rule will be accepted by the SBG3300-N Series User's Guide 305