System information
117Chapter 7 Managing Users’ Computers
Setting Up a User’s VPN Connection Manually
Users may be unable to import VPN settings from a conguration le because they
don’t have the le, or because they have Windows computers, which can’t use the le.
These users can manually set up their computers for a VPN connection to your server.
They need to create a new VPN conguration and enter the following VPN connection
settings:
VPN server or host: your server’s DNS name or public IP address
VPN type: L2TP over IPSec
Shared secret (key) for IPSec: shown in the VPN pane of Server Preferences when you
click Edit and select “Show shared secret”
Account name: the short name of the user’s account on your server
User password: the password of the user’s account on your server
Users who want to make a VPN connection from a computer or network with a rewall
need to congure the rewall to allow trac on UDP ports 500, 1701, and 4500; on TCP
port 1723; and on IP protocol 50.