
Virtual Private Networking Using IPSec and L2TP Connections
272
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Configure the L2TP Server
As an alternative to IPSec VPN tunnels, you can configure a Layer 2 Tunneling
Protocol (L2TP) server on the VPN firewall to allow users to access L2TP clients over L2TP
tunnels. A maximum of 25 simultaneous L2TP user sessions is supported. (The first IP
address of the L2TP address pool is assigned to the VPN firewall itself.)
An L2TP Access Concentrator (LAC) typically initiates a tunnel to fulfill a connection request
from an L2TP user; the L2TP server accommodates the tunnel request. After an L2TP tunnel
is established, the L2TP user can connect to an L2TP client that is located behind the VPN
firewall.
Note: IPSec VPN provides stronger authentication and encryption than
L2TP. (Packets that traverse the L2TP tunnel are not encapsulated
by IPSec.)
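L2TP itself does not encrypt, so when the tunnel is not wrapped in IPSec its header fields are visible on the path. The following added example (not from the NETGEAR manual) parses the L2TPv2 header defined in RFC 2661 from a UDP port 1701 payload, which helps when auditing a capture for exposed tunnel traffic; the function names and sample packets are constructed for illustration.

```python
import struct

PPP_PROTOCOLS = {0x0021: "IPv4", 0xC021: "LCP", 0xC023: "PAP", 0xC223: "CHAP"}

def parse_l2tp(udp_payload: bytes) -> dict:
    """Parse an L2TPv2 header (RFC 2661, section 3.1) from a UDP/1701 payload."""
    if len(udp_payload) < 6:
        raise ValueError("too short for an L2TP header")
    (flags,) = struct.unpack_from("!H", udp_payload, 0)
    if flags & 0x000F != 2:
        raise ValueError("not L2TP version 2")
    has_len, has_seq, has_off = flags & 0x4000, flags & 0x0800, flags & 0x0200
    fixed = 6 + (2 if has_len else 0) + (4 if has_seq else 0) + (2 if has_off else 0)
    if len(udp_payload) < fixed:
        raise ValueError("truncated L2TP header")
    pos = 4 if has_len else 2                  # skip the optional Length field
    tunnel_id, session_id = struct.unpack_from("!HH", udp_payload, pos)
    pos += 4
    ns = nr = None
    if has_seq:                                # optional Ns/Nr sequence numbers
        ns, nr = struct.unpack_from("!HH", udp_payload, pos)
        pos += 4
    if has_off:                                # optional Offset Size plus padding
        (pad,) = struct.unpack_from("!H", udp_payload, pos)
        pos += 2 + pad
        if pos > len(udp_payload):
            raise ValueError("offset padding runs past end of packet")
    return {"control": bool(flags & 0x8000), "tunnel_id": tunnel_id,
            "session_id": session_id, "ns": ns, "nr": nr,
            "payload": udp_payload[pos:]}

def inner_ppp_protocol(info: dict):
    """Name the PPP protocol carried by a data message (None for control)."""
    if info["control"]:
        return None
    p = info["payload"]
    p = p[2:] if p[:2] == b"\xff\x03" else p   # uncompressed address/control
    if len(p) < 2 and not (p and p[0] & 1):
        return None
    proto = p[0] if p[0] & 1 else (p[0] << 8) | p[1]  # odd first byte: compressed
    return PPP_PROTOCOLS.get(proto, hex(proto))

# Constructed sample packets: a control message carrying one Message Type AVP
# (SCCRQ), and a data message carrying the start of an IPv4 packet over PPP.
CONTROL_SCCRQ = bytes.fromhex("c8020014000000000000000080080000 00000001")
DATA_IPV4 = bytes.fromhex("000200070003ff0300214500")
```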
You need to enable the L2TP server on the VPN firewall, specify an L2TP server address
pool, and create L2TP user accounts. (L2TP users are authenticated through local
authentication with geardomain.) For information about how to create L2TP user accounts,
see Configure User Accounts on page 310.
To enable the L2TP server and configure the L2TP server pool:
1. Select VPN > L2TP Server. The L2TP Server screen displays. (The following figure
contains an example.)
Figure 181.