TP-Link OC200 Omada Controller Software 4.1.5Windows/Linux User Guide - Page 127

Chapter 4 Configure the Network with Omada SDN Controller 2. Enter a name to identify the VPN policy and select the purpose as Client-to-Site VPN. Refer to the following table to configure the required parameters and click Create. Name Enter a name to identify the VPN policy. Purpose Select the purpose for the VPN as Client-to-Site VPN. VPN Type Select the VPN type as VPN Server - L2TP. Status Click the checkbox to enable the VPN policy. IPsec Encryption Specify whether to enable the encryption for the tunnel. Encrypted: Select Encrypted to encrypt the L2TP tunnel by IPsec (L2TP over IPsec). With Encrypted selected, enter the Pre-shared Key for IKE authentication. VPN server and VPN client must use the same pre-shared secret key for authentication. Unencrypted: With Unencrypted selected, the L2TP tunnel will not be encrypted by IPsec. Auto: With Auto selected, the L2TP server will determine whether to encrypt the tunnel according to the client 's encryption settings. And enter the Pre-shared Key for IKE authentication. VPN server and VPN client must use the same pre-shared secret key for authentication. Local Networks Select the networks on the local side of the VPN tunnel. The VPN policy will be only applied to the selected local networks. Pre-shared Key Enter the pre-shared secret key when IPsec Encryption is selected as Encrypted and Auto. Both peer routers must use the same pre-shared secret key for authentication. WAN Select the WAN port on which the L2TP VPN tunnel is established. Each WAN port supports only one L2TP VPN tunnel when the gateway works as a L2TP server. IP Pool Enter the IP address and subnet mask to decide the range of the VPN IP pool. The VPN server will assign IP address to the remote host when the tunnel is established. You can specify any reasonable IP address that will not cause overlap with the IP address of the LAN on the local peer router. 125