L2tpv3 server setup for vlans – Amer Networks E5Web GUI User Manual
Page 633

The cOS Core L2TPv3 server can handle VLAN tagged Ethernet frames so that a protected
internal network can be accessed by external clients over VLAN connections.
To do this with cOS Core, two VLANs need to be configured, both with the same VLAN ID as the
ID used by the clients. One VLAN is configured on the local, protected Ethernet interface. The
other VLAN is configured on the L2TPv3 server interface. Both of these VLANs must have
transparent mode enabled.
A summary of the setup steps for VLAN follows:
A. Define an L2TPv3 server interface object as described previously but do not enable
transparent mode on the protected Ethernet interface.
B. Set up a cOS Core VLAN interface object with the following properties:
i.
The VLAN ID is the same as the VLAN ID of packets sent by clients.
ii.
The interface is the protected Ethernet interface.
iii.
The network is the same as the protected local network.
iv.
The IPv4 address for the VLAN is any arbitrary IP from the protected local network.
v.
Transparent mode for this VLAN is enabled.
C. Set up a second VLAN interface object with the following properties:
i.
The VLAN ID is the same as the previous VLAN and the same as the ID of packets sent by
clients.
ii.
The interface is the L2TPv3 Server object defined previously.
iii.
The network is the same as the protected local network.
iv.
The IPv4 address for the VLAN is any arbitrary IP from the protected local network but
different from the previous VLAN.
v.
Transparent mode for this VLAN is enabled.
Example 9.15. L2TPv3 Server Setup For VLANs
Assume an L2TPv3 tunnel called my_l2tpv3_if is to be set up so that L2TPv3 clients can connect
on the If2. The protected network If3_net on the If3 interface will be accessible to these clients.
In addition, the clients will access over a VLAN within the tunnel that has a VLAN ID of 555.
It is assumed two arbitrary IPv4 addresses called If3_arbitrary_ip1 and If3_arbitrary_ip2 from the
protected network If3_net have already been defined in the cOS Core address book.
Command-Line Interface
A. First, define a L2TPv3 Server object:
Device:/> add Interface L2TPv3Server my_l2tpv3_if
IP=If3_ip
LocalNetwork=If3
Interface=If2
ServerIP=If2_ip
B. Next, create a VLAN object on the protected interface If3:
Chapter 9: VPN
633