Pptp/l2tp clients – Amer Networks E5Web GUI User Manual

Pass L2TP traffic sent to the Clavister Security Gateway directly to the L2TP Server without
consulting the rule set.

Default: Enabled

PPTP Before Rules

Pass PPTP traffic sent to the Clavister Security Gateway directly to the PPTP Server without
consulting the rule set.

Default: Enabled

Max PPP Resends

The maximum number of PPP layer resends.

Default: 10

9.5.4. PPTP/L2TP Clients

The PPTP and L2TP protocols are described in the previous section. In addition to being able to
act as a PPTP or L2TP server, cOS Core also offers the ability to act as a PPTP or L2TP client. This
can be useful if PPTP or L2TP is preferred as the VPN protocol instead of IPsec. One Clavister
Security Gateway can act as a client and connect to another unit which acts as the server.

Client Setup

PPTP and L2TP shares a common approach to client setup which involves the following settings:

General Parameters

•

Name - A symbolic name for the client.

•

Tunnel Protocol - Specifies if it is a PPTP or L2TP client.

•

Remote Endpoint - The IP address of the remote endpoint. Where this is specified as a URL,
the prefix dns: must be precede it.

Authentication

•

Username - Specifies the username to use for this PPTP/L2TP interface.

•

Password - Specifies the password for the interface.

Security

•

IPsecInterface - Optionally specify an IPsecTunnel object to use. The tunnel should not have
the Dynamically add route to remote network option enabled since this can cause
problems.

•

Authentication - These choices specify which authentication protocol to use.

•

MPPE - Specifies if Microsoft Point-to-Point Encryption is used and which level to use.

If Dial On Demand is enabled then the PPTP/L2TP tunnel will not be set up until traffic is sent on
the interface. The parameters for this option are:

Chapter 9: VPN

627