Amer Networks E5Web GUI User Manual

Now we will setup the IPsec Tunnel, which will later be used in the L2TP section. As we are going
to use L2TP, the Local Network is the same IP as the IP that the L2TP tunnel will connect to,
wan_ip. Furthermore, the IPsec tunnel needs to be configured to dynamically add routes to the
remote network when the tunnel is established.

B. Continue setting up the IPsec Tunnel:

Command-Line Interface

Device:/> add Interface IPsecTunnel l2tp_ipsec

LocalNetwork=wan_ip
RemoteNetwork=all-nets
IKEAlgorithms=Medium
IPsecAlgorithms=esp-l2tptunnel
PSK=MyPSK
EncapsulationMode=Transport
AddRouteToRemoteNet=No
IPsecLifeTimeKilobytes=250000
IPsecLifeTimeSeconds=3600

InControl

Follow the same steps used for the Web Interface below.

Web Interface

1.

Go to: Network > Interfaces and VPN > IPsec > Add > IPsec Tunnel

2.

Enter a name for the IPsec tunnel, for example l2tp_ipsec

3.

Now enter:

a.

Local Network: wan_ip

b.

Remote Network: all-nets

c.

Remote Endpoint: none

d.

Encapsulation Mode: Transport

e.

IKE Algorithms: High

f.

IPsec Algorithms: esp-l2tptunnel

4.

Enter 3600 in the IPsec Life Time seconds control

5.

Enter 250000 in the IPsec Life Time kilobytes control

6.

Under the Authentication tab, select Pre-shared Key

7.

Select MyPSK in the Pre-shared Key control

8.

Under Routing deselect:
Dynamically add route to the remote network when a tunnel is established

9.

Click OK

Now it is time to setup the L2TP Server. The inner IP address should be a part of the network
which the clients are assigned IP addresses from, in this lan_ip. The outer interface filter is the
interface that the L2TP server will accept connections on, this will be the earlier created

Chapter 9: VPN

623