
Setting up an L2TP tunnel over IPsec – Amer Networks E5Web GUI User Manual


4. Under the PPP Parameters tab, select L2TP_Pool in the IP Pool control.

5. Under the Add Route tab, select all-nets in the Allowed Networks control.

6. Click OK

Use User Authentication Rules is enabled by default. To authenticate users of the
PPTP tunnel, cOS Core Authentication Rules must also be configured, but that is not covered in
this example.

Example 9.12. Setting up an L2TP Tunnel Over IPsec

This example shows how to set up a fully working L2TP tunnel based on IPsec encryption and
covers many parts of basic VPN configuration.

Before starting, it is necessary to configure some address objects, for example the network that is
going to be assigned to the L2TP clients. Proposal lists and PSK are needed as well. Here we will
use the objects created in previous examples.

A local user database will be used to authenticate the users of the L2TP tunnel.

A. Start by preparing a new Local User Database:

Command-Line Interface

Device:/> add LocalUserDatabase UserDB

Device:/> cc LocalUserDatabase UserDB

Device:/UserDB> add User testuser Password=mypassword

InControl

Follow the same steps used for the Web Interface below.

Web Interface

1. Go to: Policies > User Authentication Local User Databases > Add > Local User Database

2. Enter a suitable name for the user database, for example UserDB

3. Go to: Policies > User Authentication Local User Databases > UserDB > Add > User

4. Now enter:

   Username: testuser

   Password: mypassword

   Confirm Password: mypassword

5. Click OK

Chapter 9: VPN
