User's Manual
Table Of Contents
- Getting Started
- Wizards
- Using the Startup Wizard
- Using the Wireless Wizard to Configure the Wireless Settings for ISA550W and ISA570W
- Using the DMZ Wizard to Configure the DMZ Settings
- Using the Dual WAN Wizard to Configure the WAN Redundancy Settings
- Using the Site-to-Site Wizard to Establish the Site-to-Site VPN Tunnels
- Using the Remote Access Wizard to Establish the IPSec VPN Tunnels or SSL VPN Tunnels for Remote Access
- Status
- Networking
- Configuring IP Routing Mode
- Port Management
- Configuring the WAN
- Configuring the WAN Redundancy
- Configuring the VLAN
- Configuring the DMZ
- Configuring the Zones
- Configuring the Routing
- Dynamic DNS
- IGMP
- VRRP
- Configuring the Quality of Service
- Address Management
- Service Management
- Wireless Configuration for ISA550W and ISA570W
- Firewall
- Configuring the Firewall Access Rules to Control Inbound and Outbound Traffic
- Configuring the Firewall Schedule
- Firewall Access Rule Configuration Examples
- Configuring the NAT Rules to Securely Access a Remote Network
- Configuring the Session Settings
- Configuring the Content Filtering to Control Access to Internet
- Configuring the MAC Filtering to Permit or Block Traffic
- Configuring the IP/MAC Binding to Prevent Spoofing
- Configuring the Attack Protection
- Configuring the Application Level Gateway
- Security Services
- VPN
- About VPN
- Configuring the Cisco IPSec VPN Server
- Configuring the Cisco IPSec VPN Client
- Configuring the Site-to-Site VPN
- Configuring the SSL VPN
- Elements of the SSL VPN
- Configuration Tasks to Establish a SSL VPN Tunnel
- Installing the Cisco AnyConnect VPN Client on User’s PC
- Importing the Certificates for User Authentication
- Configuring the SSL VPN Users
- Configuring the SSL VPN Gateway
- Configuring the SSL VPN Group Policies
- Configuring the SSL VPN Portal
- Configuring the L2TP Server
- Configuring the VPN Passthrough
- Viewing the VPN Status
- User Management
- Device Management
- Remote Management
- Administration
- SNMP
- Configuration Management
- Firmware Management
- Log Management
- Managing the Security License
- Managing the Certificates for Authentication
- Configuring the Email Alert Settings
- Configuring the RADIUS Servers
- Configuring the Time Zone
- Device Discovery
- Diagnosing the Device
- Measuring and Limiting Traffic with the Traffic Meter
- Configuring the ViewMaster
- Configuring the CCO Account
- Configuring the Device Properties
- Configuring the Debug Settings
- Troubleshooting
- Technical Specifications and Environmental Requirements
- Factory Default Settings
- Where to Go From Here
VPN
Configuring the L2TP Server
Cisco ISA500 Series Integrated Security Appliance Administrator Guide 267
8
STEP 2 Click On to enable L2TP server, or click Off to disable it.
STEP 3 If you enable L2TP, enter the following information:
• Listen WAN Interface: Choose the WAN interface on which the L2TP server
listens to accept the incoming L2TP VPN connection.
• User Name: Enter the user name that all L2TP clients use to access the L2TP
server.
• Password: Enter the password that all L2TP clients use to access the L2TP
server.
NOTE All L2TP clients use the same user name and password to log into the
L2TP server.
• MTU: Enter the MTU size in bytes that can be sent over the network (the
range from 128 to 1400 bytes). The default is 1400 bytes.
• Authentication Method: You can choose either CHAP or PAP, or both to
authenticate to the L2TP clients. Click On to enable CHAP or PAP, or click Off
to disable it.
• Local Service IP: Enter the IP address of the established PPP link.
• Address Pool: The L2TP server assigns IP addresses to L2TP clients. Enter
the starting IP address in the Start IP field and the ending IP address in the
End IP field.
• DNS1 IP: Enter the IP address of the primary DNS server.
• DNS2 IP: Optionally, enter the IP address of the secondary DNS server.
• Enable over IPSec: Click On to enable the data encryption over the IPSec
VPN tunnel, or click Off to disable it.
• Preshare Key: The data encryption over the IPSec VPN tunnel uses a pre-
shared key for authentication. If you enable Enable over IPSec, enter the
desired value, which the L2TP clients must provide to establish a connection.
The pre-shared key must be entered exactly the same here and on the L2TP
clients.
STEP 4 Click Save to apply your settings.