Username: BranchOffice
Password: 1234567890 (Note! You should use a password that is hard to guess)
Retype password: 1234567890
Interface IP: leave blank
Remote gateway: 192.0.2.20
Remote net: 192.168.1.0/24
Dial on demand: leave unchecked
Under authentication only MSCHAPv2 should be checked
Under MPPE encryption only None should be checked
Check Use IPsec encryption
Enter key: 1234567890 (Note! You should use a key that is hard to guess)
Retype key: 1234567890
Click Apply

3. Set up policies for the new tunnel, Firewall->Policy:
Click Global policy parameters
Enable Allow all VPN traffic: internal->VPN, VPN->internal and VPN->VPN
Click Apply

4. Click Activate and wait for the firewall to restart

Settings for Main office

1. Set up interfaces, System->Interfaces:
WAN IP: 193.0.2.20
LAN IP: 192.168.1.1, Subnet mask: 255.255.255.0

2. Set up L2TP server, Firewall->VPN:
Under L2TP / PPTP Server click Add new L2TP server
Name the server l2tpServer
Leave Outer IP and Inner IP blank
Set client IP pool to
Check Proxy ARP dynamically added routes
Check Use unit’s own DNS relayer addresses
Leave WINS settings blank
Under authentication MSCHAPv2 should be the only checked option.
Under MPPE encryption None should be the only checked option.
Check Use IPsec encryption
Enter key: 1234567890 (Note! You should use a key that is hard to guess)
Retype key: 1234567890
Click Apply

3. Set up policies for the new tunnel, Firewall->Policy:
Click Global policy parameters
Enable Allow all VPN traffic: internal->VPN, VPN->internal and VPN->VPN
Click Apply

4. Set up authentication source, Firewall->Users:
Select Local database
Click Apply
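
Before clicking Activate on both units, the two sets of values entered above can be cross-checked offline. The script below is an added example, not part of the original manual or of the firewall's own software; the dictionary field names, the `weak_secret` rule (minimum length 20, not digits-only or letters-only) and the key-reuse check are assumptions of this example.

```python
import ipaddress

# Values as shown on this page; the dictionary keys are hypothetical names.
BRANCH = {"remote_gateway": "192.0.2.20", "remote_net": "192.168.1.0/24",
          "auth": {"MSCHAPv2"}, "mppe": {"None"}, "ipsec": True,
          "password": "1234567890", "key": "1234567890"}
MAIN = {"wan_ip": "193.0.2.20", "lan_ip": "192.168.1.1",
        "netmask": "255.255.255.0", "auth": {"MSCHAPv2"},
        "mppe": {"None"}, "ipsec": True, "key": "1234567890"}


def weak_secret(secret, min_len=20):
    """Assumed rule of thumb: short or single-class secrets are easy to guess."""
    return len(secret) < min_len or secret.isdigit() or secret.isalpha()


def check_tunnel(branch, main):
    """Return a list of findings; an empty list means the two ends agree."""
    findings = []
    if branch["remote_gateway"] != main["wan_ip"]:
        findings.append("remote gateway does not match main office WAN IP")
    # Derive the main office LAN network from its LAN IP and subnet mask.
    lan = ipaddress.ip_network(f'{main["lan_ip"]}/{main["netmask"]}', strict=False)
    if ipaddress.ip_network(branch["remote_net"]) != lan:
        findings.append("remote net does not match main office LAN")
    for name, end in (("branch", branch), ("main", main)):
        if end["auth"] != {"MSCHAPv2"}:
            findings.append(f"{name}: MSCHAPv2 must be the only authentication")
        if end["mppe"] != {"None"} or not end["ipsec"]:
            findings.append(f"{name}: expected MPPE None with IPsec encryption checked")
    if branch["key"] != main["key"]:
        findings.append("IPsec keys differ between the two ends")
    if weak_secret(branch["key"]) or weak_secret(branch["password"]):
        findings.append("key or password is easy to guess")
    if branch["key"] == branch["password"]:
        findings.append("IPsec key reuses the user password")
    return findings


if __name__ == "__main__":
    for finding in check_tunnel(BRANCH, MAIN):
        print("FINDING:", finding)
```

Run on the values printed on this page, it reports the gateway/WAN IP difference (192.0.2.20 versus 193.0.2.20), the guessable 1234567890 secret, and the key being identical to the user password.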