6. Click Activate and wait for the firewall to restart.

This example will allow all traffic between the two offices. To get a more secure solution, read the "A more secure LAN-to-LAN VPN solution" section in this chapter.

LAN-to-LAN VPN using L2TP

Settings for Branch office

1. Setup interfaces, System->Interfaces:
   WAN IP: 193.0.2.10
   LAN IP: 192.168.4.1, Subnet mask: 255.255.255.0

2. Setup L2TP client, Firewall->VPN:
   Under L2TP / PPTP client click Add new L2TP client
   Name the server toMainOffice
   Username: BranchOffice
   Password: 1234567890 (Note! You should use a password that is hard to guess)
   Retype password: 1234567890
   Interface IP: leave blank
   Remote gateway: 192.0.2.20
   Remote net: 192.168.1.0/24
   Dial on demand: leave unchecked
   Under authentication only MSCHAPv2 should be checked
   Under MPPE encryption only None should be checked
   Check Use IPsec encryption
   Enter key 1234567890 (Note! You should use a key that is hard to guess)
   Retype key 1234567890
   Click Apply

3. Setup policies for the new tunnel, Firewall->Policy:
   Click Global policy parameters
   Enable Allow all VPN traffic: internal->VPN, VPN->internal and VPN->VPN
   Click Apply

4. Click Activate and wait for the firewall to restart

Settings for Main office

1. Setup interfaces, System->Interfaces:
   WAN IP: 193.0.2.20
   LAN IP: 192.168.1.1, Subnet mask: 255.255.255.0

2. Setup L2TP server, Firewall->VPN:
   Under L2TP / PPTP Server click Add new L2TP server
   Name the server l2tpServer
   Leave Outer IP and Inner IP blank
   Set client IP pool to
   Check Proxy ARP dynamically added routes
   Check Use unit’s own DNS relayer addresses