Chapter 19 L2TP VPN
• You configure an IP address pool object named L2TP_POOL to assign the remote users IP addresses from 192.168.10.10 to 192.168.10.20 for use in the L2TP VPN tunnel.
• The VPN rule allows the remote user to access the LAN_SUBNET which covers the 192.168.1.1/24 subnet.
19.5.1 Configuring the Default L2TP VPN Gateway Example
The following commands configure the Default_L2TP_VPN_GW entry.
• Configure the My Address setting. This example uses interface ge3 with static IP address 172.23.37.205.
• Configure the
Router(config)# isakmp policy Default_L2TP_VPN_GW
Router(config)#
19.5.2 Configuring the Default L2TP VPN Connection Example
The following commands configure the Default_L2TP_VPN_Connection entry.
Enforce and configure the local and remote policies.
• For the Local Policy, create an address object that uses host type and contains the My Address IP address that you configured in the Default_L2TP_VPN_GW. The address object in this example uses IP address 172.23.37.205 and is named L2TP_IFACE.
• For the Remote Policy, create an address object that uses host type and an IP address of 0.0.0.0. It is named L2TP_HOST in this example.
Router(config)# crypto map Default_L2TP_VPN_Connection
Router(config)#
19.5.3 Configuring the L2TP VPN Settings Example
The following commands configure and display the L2TP VPN settings.
• Set it to use the Default_L2TP_VPN_Connection VPN connection.
• Configure an IP address pool for the range of 192.168.10.10 to 192.168.10.20. In this example it is already created and called L2TP_POOL.
• This example uses the default authentication method (the ZyWALL’s local user database).
• Select a user or group of users that can use the tunnel. Here a user account named
• The other settings are left to the defaults in this example.
ZyWALL (ZLD) CLI Reference Guide