25

L2TP VPN

This chapter explains how to set up and maintain L2TP VPNs in the ZyWALL. See Section 5.4.6 on page 116 for related information on these screens.

25.1 L2TP VPN Overview

L2TP VPN lets remote users use the L2TP and IPSec client software included with their computers’ operating systems to securely connect to the network behind the ZyWALL. The remote users do not need their own IPSec gateways or VPN client software.

Figure 237 L2TP VPN Overview (figure labels: IPSec VPN Tunnel, L2TP Tunnel)

The Layer 2 Tunneling Protocol (L2TP) works at layer 2 (the data link layer) to tunnel network traffic between two peers over another network (like the Internet). In L2TP VPN, an IPSec VPN tunnel is established first (see Chapter 20 on page 291 for information on IPSec) and then an L2TP tunnel is built inside it.
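Why the IPSec tunnel is established first shows in the L2TP message format itself: L2TPv2 (RFC 2661) carries PPP frames with no encryption of its own, so anything that can read the UDP payload can read the tunneled traffic. The following Python parser is an added example, not part of the ZyWALL guide; the sample message is constructed, and it assumes PPP protocol-field compression is not in use.

```python
import struct

# L2TPv2 header flag bits (RFC 2661, section 3.1).
FLAG_T, FLAG_L, FLAG_S, FLAG_O = 0x8000, 0x4000, 0x0800, 0x0200
PPP_PROTOCOLS = {0x0021: "IPv4", 0xC021: "LCP", 0xC023: "PAP", 0xC223: "CHAP"}


def build_l2tp_data(tunnel_id: int, session_id: int, ppp_frame: bytes) -> bytes:
    """Build an L2TPv2 data message (L bit set) around a PPP frame."""
    header = struct.pack("!HHHH", FLAG_L | 2, 8 + len(ppp_frame), tunnel_id, session_id)
    return header + ppp_frame


def parse_l2tp(datagram: bytes) -> dict:
    """Parse an L2TPv2 message as it would appear in a UDP payload."""
    try:
        (flags,) = struct.unpack_from("!H", datagram, 0)
        if flags & 0x000F != 2:
            raise ValueError("not an L2TPv2 message")
        off, end = 2, len(datagram)
        if flags & FLAG_L:  # optional Length field covers the whole message
            (end,) = struct.unpack_from("!H", datagram, off)
            off += 2
        tunnel_id, session_id = struct.unpack_from("!HH", datagram, off)
        off += 4
        if flags & FLAG_S:
            struct.unpack_from("!HH", datagram, off)  # Ns, Nr: present, unused here
            off += 4
        if flags & FLAG_O:  # optional Offset Size plus padding
            (pad,) = struct.unpack_from("!H", datagram, off)
            off += 2 + pad
    except struct.error:
        raise ValueError("truncated L2TP header") from None
    if end > len(datagram) or off > end:
        raise ValueError("L2TP length field does not match datagram")
    ppp = datagram[off:end]
    result = {"is_control": bool(flags & FLAG_T), "tunnel_id": tunnel_id,
              "session_id": session_id, "ppp_protocol": None, "payload": ppp}
    if not result["is_control"]:
        if ppp[:2] == b"\xff\x03":  # optional HDLC address/control bytes
            ppp = ppp[2:]
        if len(ppp) >= 2:
            proto = struct.unpack_from("!H", ppp)[0]
            result["ppp_protocol"] = PPP_PROTOCOLS.get(proto, hex(proto))
            result["payload"] = ppp[2:]
    return result


# Constructed sample: PPP frame carrying a placeholder for the user's IP packet.
SAMPLE = build_l2tp_data(7, 1, b"\xff\x03\x00\x21" + b"inner-ip-packet")
```

Parsing `SAMPLE` returns the tunnel and session IDs and the inner payload in the clear, which is what the enclosing IPSec tunnel protects on the wire.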

At the time of writing, the L2TP remote user must have a public IP address in order for L2TP VPN to work (the remote user cannot be behind a NAT router or a firewall).

25.2 IPSec Configuration

You must configure an IPSec VPN connection for L2TP VPN to use (see Chapter 20 on page 291 for details). The IPSec VPN connection must:

• Be enabled.

 


ZyWALL USG 1000 User’s Guide