beautypg.com

Headquar ters – Allied Telesis AlliedWare AR440S User Manual

Page 38

background image

Headquar

ters

Page 38 | AlliedWare™ OS How To Note: VPNs for Corporate Networks

Headquarters VPN access concentrator's configuration

#

System configuration

set system name=HQ

#

User configuration

set user securedelay=600

#

Add your approved roaming VPN client usernames.

add user=roaming1 pass=roaming1 lo=no telnet=no

add user=roaming2 pass=roaming2 lo=no telnet=no

add user=roaming3 pass=roaming3 lo=no telnet=no

add user=roaming4 pass=roaming4 lo=no telnet=no

#

Define a security officer.

add user=secoff pass=<your-secoff-password> priv=securityofficer

lo=yes telnet=yes

#

Change the manager privilege user’s password.

set user=manager password=<your-password>

#

RADIUS configuration

#

If desired, add a RADIUS authentication server for authenticating

#

users.

add radius server=<radius-server-address> secret=<secret-key>

#

PPP template configuration

#

Create a template to use for incoming roaming Windows VPN client

#

connections. This defines authentication and associates the IP pool

#

of addresses that are allocated to clients.

create ppp template=1

set ppp template=1 bap=off ippool=roaming authentication=chap echo=10

lqr=off

#

L2TP configuration

#

Configure an L2TP server to accept incoming roaming Windows VPN

#

client connections

enable l2tp

enable l2tp server=both

add l2tp ip=1.1.1.1-255.255.255.254 ppptemplate=1 tos=on

#

IP configuration

enable ip

add ip int=vlan1 ip=192.168.140.254

#

Configure eth0 for connecting to the Internet with a fixed address.

add ip int=eth0 ip=200.200.200.1

add ip rou=0.0.0.0 mask=0.0.0.0 int=eth0 next=200.200.200.254

#

Create an IP pool to allocate unique internal payload addresses to

#

incoming VPN clients.

create ip pool=roaming ip=192.168.143.1-192.168.143.50

See also other documents in the category Allied Telesis Hardware: