Page 221 / 357 Scroll up to view Page 216 - 220
Vigor2830 Series User’s Guide
209
z
When you choose
L2TP
, you will see the following graphic:
z
When you choose
L2TP over IPSec (Nice to Have)
or
L2TP over IPSec (Must),
you
will see the following graphic:
Profile Name
Type a name for such profile. The length of the file is
limited to 10 characters.
VPN Dial-Out Through
Use the drop down menu to choose a proper WAN
interface for this profile. This setting is useful for dial-out
only.
Page 222 / 357
Vigor2830 Series User’s Guide
210
WAN1 First
- While connecting, the router will use
WAN1 as the first channel for VPN connection. If
WAN1 fails, the router will use another WAN interface
instead.
WAN1 Only
- While connecting, the router will use
WAN1 as the only channel for VPN connection.
WAN2 First
- While connecting, the router will use
WAN2 as the first channel for VPN connection. If
WAN2 fails, the router will use another WAN interface
instead.
WAN2 Only
- While connecting, the router will use
WAN2 as the only channel for VPN connection.
Always On
Check to enable router always keep VPN connection.
Pre-Shared Key
IKE Authentication Method
usually applies to those
are remote dial-in user or node (LAN to LAN) which
uses dynamic IP address and IPSec-related VPN
connections such as L2TP over IPSec and IPSec tunnel.
Pre-Shared Key-
Specify a key for IKE authentication.
Confirm Pre-Shared Key-
Confirm the pre-shared key.
Digital Signature (X.509)
Click
Digital Signature
to invoke this function. Use the
drop down list to choose one of the certificates for using.
You have to configure one certificate at least previously
in
Certificate Management >> Local Certificate.
Otherwise, the setting you choose here will not be
effective.
Peer ID
– Choose the peer ID selection from the drop
down list.
Local ID
– Choose
Alternative Subject Name First
or
Subject Name First
.
IPSec Security Method
Medium
-
Authentication Header (AH) means data will
be authenticated, but not be encrypted. By default, this
option is active.
High
-
Encapsulating Security Payload (ESP) means
payload (data) will be encrypted and authenticated. You
may select encryption algorithm from Data Encryption
Standard (DES), Triple DES (3DES), and AES.
User Name
This field is used to authenticate for connection when
you select PPTP or L2TP with or without IPSec policy
above.
Password
This field is used to authenticate for connection when
you select PPTP or L2TP with or without IPSec policy
above.
Page 223 / 357
Vigor2830 Series User’s Guide
211
Remote Network IP
Please type one LAN IP address (according to the real
location of the remote host) for building VPN
connection.
Remote Network Mask
Please type the network mask (according to the real
location of the remote host) for building VPN
connection.
After finishing the configuration, please click
Next.
The confirmation page will be shown as
follows. If there is no problem, you can click one of the radio buttons listed on the page and
click
Finish
to execute the next action.
Go to the VPN Connection
Management
Click this radio button to access
VPN and Remote
Access>>Connection Management
for viewing VPN
Connection status.
Do another VPN Server
Wizard Setup
Click this radio button to set another profile of VPN Server
through VPN Server Wizard.
View more detailed
configuration
Click this radio button to access
VPN and Remote
Access>>LAN to LAN
for viewing detailed configuration.
Page 224 / 357
Vigor2830 Series User’s Guide
212
4.10.2 VPN Server Wizard
Such wizard is used to configure VPN settings for VPN server. Such wizard will guide to set
the LAN-to-LAN profile for VPN dial in connection (from client to server) step by step.
VPN Server Mode
Selection
Choose the direction for the VPN server.
Site to Site VPN
– To set a LAN-to-LAN profile
automatically, please choose Site to Site VPN.
Remote Dial-in User
–You can manage remote access by
maintaining a table of remote user profile, so that users can
be authenticated to dial-in via VPN connection.
Please choose a
LAN-to-LAN Profile
This item is available when you choose
Site to Site VPN
(LAN-to-LAN) as VPN server mode. There are 32 VPN
profiles for users to set.
Page 225 / 357
Vigor2830 Series User’s Guide
213
Please choose a Dial-in
User Accounts
This item is available when you choose Remote Dial-in User
(Teleworker) as VPN server mode. There are 32 VPN
tunnels for users to set.
Allowed Dial-in Type
This item is available after you choose any one of dial-in
user account profiles. Next, you have to select suitable
dial-in type for the VPN server profile. There are several
types provided here (similar to VPN Client Wizard).
Different Dial-in Type will lead to different configuration
page. In addition, adjustable items for each dial-in type will
be changed according to the VPN Server Mode (
Site to Site
VPN
and
Remote Dial-in User
) selected.
After making the choices for the server profile, please click
Next
. You will see different
configurations based on the selection you made.
Here we take the examples of choosing
Remote-Dial-in User
as the
VPN Server Mode
.

Rate

4.7 / 5 based on 3 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top