ZyXEL Communications max208m Security > L2TP VPN > L2TP Client > Add

Chapter 8 Security

Click Security > L2TP VPN > L2TP Client > Add to open this screen as shown next.

Figure 76 L2TP Client: Add

This screen contains the following fields:

Table 58 L2TP Client: Add

LABEL	DESCRIPTION
Profile Name	Enter the name for this client connection.

L2TP Protocol	Select the L2TP Protocol Version 2 or 3. L2TPv2 is a standard method for
Version	tunneling Point-to-Point Protocol (PPP) while L2TPv3 provides improved support
	for other types of networks including frame relay and ATM.

NAT Mode?	Select Yes if the client will be located behind a NAT enabled router. This will
	allow multiple clients using NAT to connect with L2TP at the same time.

Auth Protocol	Select the Authentication Protocol allowed for the connection. Options are:
	• PAP - Password Authentication Protocol (PAP) authentication occurs in clear
	text and does not use encryption. It’s probably not a good idea to rely on this
	for security.
	• CHAP - Challenge Handshake Authentication Protocol (CHAP) provides
	authentication through a shared secret key and uses a three way handshake.
	• MSCHAPv1 - Microsoft CHAP v1 (MSCHAPv1) provides authentication
	through a shared secret key and uses a three way handshake. It provides
	improved usability with Microsoft products.
	• MSCHAPv2 - Microsoft CHAP v2 (MSCHAPv2) provides encryption through a
	shared secret key and uses a three way handshake. It provides additional
	security over MSCHAPv1, including two-way authentication.

MPPE Encryption	If MSCHAPv1 or MSCHAPv2 is selected as an Auth Protocol, use the drop-
	down list box to select the type of Microsoft Point-to-Point Encryption (MPPE).
	Options are:
	• MPPE 40 bits - MPPE with 40 bit session key length
	• MPPE 128 bits - MPPE with 128 bit session key length
	• Auto - Automatically select either MPPE 40 bits or MPPE 128 bits

MPPE Stateful?	Select Yes to enable stateful MPPE encryption. This can increase performance
	over stateless MPPE, but should not be used in lossy network environments like
	layer two tunnels over the Internet.

Server IP Address	Enter the IP address of the L2TP server.

User Name	Enter the user name for connecting to the L2TP server.

136
136	WiMAX Device Configuration User’s Guide

Contents

Copyright © ZyXEL Communications Corporation Page About This User's Guide Document Conventions Page Safety Warnings Contents Overview Page Table of Contents Part I: User’s Guide Chapter System Status WiMAX Network Setting The VoIP General Screens The VoIP Account Screens The VoIP Line Screens Maintenance Page Page Page Introduction to the Series 1.1 About Your WiMAX Device FEATURE FREQUENCY NUMBER OF Figure 1.2 Good Habits for Managing the WiMAX Device Introduction to the Web Configurator 2.1 Overview Table LABEL DESCRIPTION LABELDESCRIPTION 2.2 The Main Screen MENU Page Setup Wizard 3.1 Overview Page Page By Range Start Frequency Page Setup Wizard PHONE Page N mixed None WEP WPA Personal WEP Wizard Setup Tutorials 4.1 Overview 4.2WiMAX Connection Settings 4.3 Setting Up a Small Network for the LAN Network Setting > LAN > DHCP Server Network Setting > WAN Operation Mode 4.4 Making a Telephone Call Over the Internet 4Click VoIP > Account > SIP SIP Account VoIP > Account > Status Connect Register Status 4.5 Blocking Web Access from the WiMAX Device 4.6 Restricting Wireless Access to the WiMAX Device Network Setting Security Firewall MAC Filter Blacklist 4.7 Allowing Internet Users to use Internal Servers Port Forwarding 4.8 Access the WiMAX Device with a Domain Name http://www.dyndns.org UserName1 •Hostname: mywimax.dyndns.org •Service Type: Host with IP address 4.9Configuring Static Route for Routing to Another Network DEVICE / COMPUTER IP ADDRESS 4.10 Remotely Managing Your WiMAX Device 4.11Changing Certificate to Communicate with Other Networks 4.12Using Virtual Networks User Get IP Method WAN IP Address WAN IP Subnet Mask Gateway IP Address Link Type PVID Tag/Untag VID Ports Page LAN1 Page Page Page Page Page Name VID Ports Filter Setting LAN1 Page Page System Status 5.1 Overview 5.2 System Status Table 11 Status Scanning Disconnected Network Entry Normal Disabled Page WiMAX 6.1 Overview AAA Site Survey 6.2 Connection Settings WiMAX > Profile > Connection Settings By CINR 6.3 Frequency Settings WiMAX > Profile > Frequency Settings List By Range WiMAX > Wide Scan screen Setting 6.4 Authentication Settings Page EAP-TLS 6.5 Channel Plan Settings WiMAX > ND&S > Channel Plan Settings 6.6 CAPL Settings WiMAX > ND&S > CAPL Settings: Add 6.7 RAPL Settings 6.8 Home NSP Settings 6.9 Connect Table 20 Connect WiMAX > Profile > Frequency Settings WiMAX > Wide Scan WiMAX > Wide Scan Join Wide Scan Result 6.10 Wide Scan WiMAX > Wide Scan Table 21 Wide Scan 6.11 Link Status 6.12 Link Statistics 6.13 Connection Info 6.14 Service Flow Page Network Setting 7.1 Overview Primary Secondary DNS Server RIP Direction RX/TX RX Only Page 7.2 WAN Figure 43 WAN Screen Table 26 WAN Ethernet From ISP 7.3 PPPoE 7.4 GRE 7.5 EtherIP 7.6 IP 7.7 DHCP 7.8 WLAN Network Setting > WLAN Table 32 WLAN 802.11B/G mixed Auto Personal 7.9 WPS 7.10 MAC Address Filter 7.11 Static Route 7.12 Static Route Add 7.13 RIP Network Setting > Route > RIP Figure 54 RIP Screen Table 37 RIP 7.14 Port Forwarding 7.15 Port Trigger Network Setting > NAT > Port Trigger Page 7.16DMZ 7.17 ALG 7.18 QoS 7.19 UPnP Network Setting > UPnP Table 45 UPnP 1Click Start > Control Panel 2Double-click Network Connections Network Connections Start Control Panel Properties Internet Connection Properties Settings Page 1Click Start and then Control Panel 3Select My Network Places under Other Places Local Network Invoke 7.20 VLAN Network Setting > VLAN Table 46 VLAN Network Setting > WAN Access Trunk 7.21 DDNS Table 47 DDNS IP Update Policy 7.22 IGMP Proxy 7.23 Content Filter Page Security 8.1 Overview 8.2 IP Filter 8.3 MAC Filter 8.4 DDOS Security > Firewall > DDOS Table 52 DDOS 8.5 PPTP VPN Server 8.6 PPTP VPN Client 8.7 PPTP VPN Client: Add Security > PPTP VPN > PPTP Client > Add MPPE 40 MPPE 128 8.8 L2TP VPN Server Page 8.9 L2TP VPN Client 8.10 L2TP VPN Client: Add Security > L2TP VPN > L2TP Client > Add 8.11 IPSec VPN Page Security > IPSec VPN > Add Local ID Type Pre-Shared Key Content Endpoint DES 3DES AES128 AES192 Remote Endpoint Tunnel Transport Authentication Algorithm 8.12 Technical Reference ESP Outside header Inside header 8.12.3IKE Phases DH1 DH2 Negotiation Mode Main Mode Aggressive Mode Main Mode SECURITY PROTOCOL NAT Traversal LOCAL ID TYPE= CONTENT Local ID type Remote ID type E-mail WIMAX DEVICE A Page The VoIP General Screens 9.1 VoIP Overview Page 9.2 Media 9.3 QoS 9.4 SIP Settings 9.5 Speed Dial 9.6 Technical Reference The VoIP Account Screens 10.1 Overview Page Figure 91 STUN 10.2 Status 10.3 Server Registrar 10.4 SIP G.711 aLaw G.711 muLaw • G.729 NONE than the Min Session Timer 10.5 Feature 10.6 Dialing 10.7 FAX 10.8 Technical Reference Page Page Page The VoIP Line Screens 11.1 Overview 11.2 Phone 11.3 Voice 11.4 Region Page Maintenance 12.1 Overview Page Page TRAP # TRAP NAME Basic Access Authentication Digest Access Authentication Hash Message Authentication Code Operator MP3s 12.2 Password 12.3 HTTP 12.4 Telnet 12.5 SSH 12.6 SNMP 12.7 CWMP Maintenance > Remote MGMT > CWMP Figure 110 CWMP Screen Table 86 CWMP 12.8 OMA-DM Basic Server Auth Type Server Auth Type 12.9 Date/Time 12.10 Time Zone 12.11 Upgrade File 12.12 Upgrade Link 12.13 CWMP Upgrade 12.14 Backup/Restore 12.15 Restore 12.16 Factory Defaults 12.17 Log Setting 12.18 Log Display 12.19 Network Test 12.20 Traceroute 12.21 About 12.22 Reboot Page Troubleshooting 13.1Power, Hardware Connections, and LEDs 13.2 WiMAX Device Access and Login 13.3 Internet Access Strength Indicator 13.4 Wireless Internet Access (for Models with WiFi) 13.5Phone Calls and VoIP (for Models with Phone Ports) 13.6 Reset the WiMAX Device to Its Factory Defaults Product Specifications Page Page Page WiMAX Security Page Page Page Importing Certificates 2Click Continue to this website (not recommended) 3In the Address Bar, click Certificate Error > View certificates 4In the Certificate dialog box, click Install Certificate 5In the Certificate Import Wizard, click Next Select Certificate Store 9In the Completing the Certificate Import Wizard screen, click Finish Security Warning Website Identification Page 1Open Internet Explorer and click TOOLS > Internet Options 2In the Internet Options dialog box, click Content > Certificates Certificates Root Certificate Store 2Select Accept this certificate permanently and click OK Page Info > Security 1Open Firefox and click TOOLS > Options 2In the Options dialog box, click ADVANCED > Encryption > View Certificates Select File Page Certificate Manager Web Sites 4In the Delete Web Site Certificates dialog box, click OK Install Security information 1Open Opera and click TOOLS > Preferences 2In Preferences, click ADVANCED > Security > Manage certificates 3In the Certificates Manager, click Authorities > Import Import certificate Open 5In the Install authority certificate dialog box, click Install 2In Preferences, ADVANCED > Security > Manage certificates Certificates manager Authorities 2Click Continue Forever Figure KDE SSL Information 2In the Certificate Import Result - Kleopatra dialog box, click OK Kleopatra 1Open Konqueror and click Settings > Configure Konqueror Configure Crypto Peer SSL Certificates Remove Page Common Services Page Page Page Open Software Announcements Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Legal Information 注意 Page Regulatory Information European Union Page Page Page Page AAA68 CA 69 CCMP 207 70 68 67 Page STUN 158 TTLS 207 ALG 93