L2TP and Xauth Local Users Configuration Overview
Use the L2TP/XAuth/Local User option to enable the security device to authenticate local users and/or assign specific IP pools and remote settings. Because user objects are shared objects, you can configure the same user on multiple devices, but assign different remote settings and IP pool for each device.
You must configure a L2TP or XAuth local user on a security device when:
You want the device to authenticate the user. Typically, you want to authenticate a user who is connecting to the device using a VPN tunnel.
You want the device to assign specific IP, DNS server, and WINS server addresses to a user who is connecting to the device using a VPN tunnel. The remote settings and IP pool you assign at the device level override the remote settings and IP pool assigned to the VPN.