Select Enable L2TP.

Enter the Starting IP and the Ending IP for the L2TP address range.

Select the User Group that you added in step Create a user group for your L2TP users..

Select Apply to enable L2TP through the DFL-500 NPG.

Sample L2TP address range configuration

When using a RADIUS server for user authentication, PPTP and L2TP encryption is not supported and you should not select Require data encryption when configuring Windows clients for PPTP or L2TP.

Add the addresses from the L2TP address range to the external interface address list. The addresses can be grouped into an external address group.

Add the addresses to which L2TP users can connect to the internal interface. The addresses can be grouped into an address group.

Add an Ext ->Int policy to allow L2TP clients to connect through the DFL-500 NPG. Configure the policy as follows:

Source Destination

Service

Action

NAT

The address group that matches the L2TP address range.

The address to which L2TP users can connect.

The service that matches the traffic type inside the L2TP VPN tunnel. For example, if L2TP users can access a web server, select HTTP.

ACCEPT

Select NAT if address translation is required.

You can also configure traffic shaping, logging, and web filter settings for L2TP policies.

DFL-500 User Manual

70

 

Page 70
Image 70
D-Link DFL-500 user manual Sample L2TP address range configuration