Manualshelf

User manual

ManualsBrandsD-Link ManualsNetworkingDFL- 860
231232233234235236237238239240
An int_net object which is the internal network from which the addresses come.
An ip_int object which is the internal IP address of the interface connected to the internal
network. let's assume this interface is int.
An ip_ext object which is the external public address which clients will connect to (let's
assume this is on the ext interface).
2. Define a PPTP/L2TP object (let's call it pptp_tunnel) with the following parameters:
Set Inner IP Address to ip_net.
Set Tunnel Protocol to PPTP.
Set Outer Interface Filter to ext.
Set Outer server IP to ip_ext.
For Microsoft Point-to-Point Encryption it is recommended to disable all options except
128 bit encryption.
Set IP Pool to pptp_pool
Enable Proxy ARP on the int interface.
As in L2TP, enable the insertion of new routes automatically into the main routing table.
3. Define a User Authentication Rule, this is almost identical to L2TP:
Agent Auth Source Src Network Interface Client Source IP
PPP Local all-nets pptp_tunnel all-nets (0.0.0.0/0)
4. Now set up the IP rules in the IP rule set:
Action Src Interface Src Network Dest Interface Dest Network Service
Allow pptp_tunnel pptp_pool any int_net All
NAT pptp_tunnel pptp_pool ext all-nets All
As described for L2TP, the NAT rule lets the clients access the public Internet via the D-Link
Firewall.
5. Set up the client. For Windows XP, the procedure is exactly as described for L2TP above but
without entering the pre-shared key.
9.2.7. VPN Troubleshooting
General Troubleshooting
In all types of VPNs some basic troubleshooting checks can be made:
Check that all IP addresses have been specified correctly.
Check that all pre-shared keys and usernames/passwords are correctly entered.
9.2.7. VPN Troubleshooting Chapter 9. VPN
237