Device Level L2TP VPN: Using L2TP Configuration Overview
To connect to an L2TP VPN tunnel, the L2TP RAS user uses the IP address and WINS/DNS information assigned by the user’s ISP. However, when the L2TP RAS user sends VPN traffic through the tunnel, the security device assigns a new IP address and WINS/DNS information that enables the traffic to reach the destination network.

Enter a name for the L2TP VPN, and then specify the following information as described in Table 1.

Table 1: Device Level L2TP VPN: Using L2TP Configuration

| L2TP Options | Description |
|---|---|
| Host Name | Enter the name of the L2TP host. |
| Outgoing Interface | Specify the outgoing interface, which is the interface on the security device that sends and receives VPN traffic. Typically, the outgoing interface is in the untrust zone. |
| Keep Alive | Specify the number of seconds a VPN member waits between sending hello packets to an L2TP RAS user. |
| Peer IP | Enter the IP address of the L2TP peer. |
| Secret | Enter the shared secret that authenticates communication in the L2TP tunnel. |
| Remote Settings | Select the preconfigured remote settings object that represents the DNS and WINS servers assigned to L2TP RAS users after they have connected to the tunnel. |
| IP Pool Name | Select the preconfigured IP pool object that represents the available IP addresses that can be assigned to L2TP RAS users after they have connected to the tunnel. |
| Auth Server | Use the default settings to use the default authentication server for the domain. To change or assign a domain authentication server, edit the domain settings; for details, see the Network and Security Manager Administration Guide. Use custom settings to specify a preconfigured authentication server object to assign TCP/IP settings to the gateway and authenticate specific L2TP users or user groups. |

Published: 2009-08-20