Settings for Main office
1. Setup interfaces, System->Interfaces:
   WAN IP: 193.0.2.20
   LAN IP: 192.168.1.1, Subnet mask: 255.255.255.0

2. Setup PPTP server, Firewall->VPN:
   Under L2TP / PPTP Server click Add new PPTP server
   Name the server pptpServer
   Leave Outer IP and Inner IP blank
   Set client IP pool to
   Check Proxy ARP dynamically added routes
   Check Use unit’s own DNS relayer addresses
   Leave WINS settings blank
   Under authentication MSCHAPv2 should be the only checked option.
   Under MPPE encryption 128 bit should be the only checked option.
   Leave Use IPsec encryption unchecked
   Click Apply

3. Setup policies for the new tunnel, Firewall->Policy:
   Click Global policy parameters
   Enable Allow all VPN traffic: internal->VPN, VPN->internal and VPN->VPN
   Click Apply
4. Set up authentication source, Firewall->Users:
   Select Local database
   Click Apply

5. Add a new user, Firewall->Users:
   Under Users in local database click Add new
   Name the new user BranchOffice
   Enter password: 1234567890
   Retype password: 1234567890
   Leave static client IP empty (it could also be set to e.g. 192.168.1.200. If no IP is set here, the IP pool from the PPTP server settings is used).
   Set Networks behind user to 192.168.4.0/24
   Click Apply

6. Click Activate and wait for the firewall to restart.

This example will allow all traffic between the two offices. To get a more secure solution read the "A more secure LAN-to-LAN VPN solution" section in this chapter.
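
An added example, not part of the manual: a short Python check of the addressing entered in the steps above, catching the usual LAN-to-LAN mistakes (overlapping networks, a Networks behind user entry with host bits set, a static client IP that collides with the firewall). The function name is hypothetical, and the rule that a static client IP should come from the main office LAN is an assumption drawn from the manual's 192.168.1.200 example.

```python
import ipaddress


def check_tunnel_plan(lan_ip, netmask, networks_behind_user, static_client_ip=None):
    """Return a list of problems in the main-office addressing (empty list = OK)."""
    lan_if = ipaddress.ip_interface(f"{lan_ip}/{netmask}")
    lan_net = lan_if.network
    try:
        # strict=True rejects entries such as 192.168.4.1/24 (host bits set)
        remote = ipaddress.ip_network(networks_behind_user, strict=True)
    except ValueError as exc:
        return [f"Networks behind user is not a valid network: {exc}"]

    problems = []
    if remote.overlaps(lan_net):
        # Overlap makes it ambiguous whether a destination is local or via the tunnel
        problems.append(f"{remote} overlaps the local LAN {lan_net}")

    if static_client_ip is not None:
        client = ipaddress.ip_address(static_client_ip)
        if client == lan_if.ip:
            problems.append(f"static client IP {client} is the firewall's own LAN IP")
        elif client in remote:
            problems.append(f"static client IP {client} lies inside {remote}")
        elif client not in lan_net:
            # Assumption: client addresses are taken from the main office LAN
            problems.append(f"static client IP {client} is outside {lan_net}")
        elif client in (lan_net.network_address, lan_net.broadcast_address):
            problems.append(f"static client IP {client} is not a usable host address")
    return problems


if __name__ == "__main__":
    # Values from the Main office steps above
    result = check_tunnel_plan("192.168.1.1", "255.255.255.0",
                               "192.168.4.0/24", "192.168.1.200")
    for line in result or ["addressing plan OK"]:
        print(line)
```
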
LAN-to-LAN VPN using L2TP
Settings for Branch office
1. Setup interfaces, System->Interfaces:
   WAN IP: 193.0.2.10
   LAN IP: 192.168.4.1, Subnet mask: 255.255.255.0

2. Setup L2TP client, Firewall->VPN:
   Under L2TP / PPTP client click Add new L2TP client
   Name the server toMainOffice