VPN > L2TP Server

The SonicWALL security appliance can terminate L2TP-over-IPsec connections from incoming Microsoft Windows 2000 and Windows XP clients. In situations where running the SonicWALL Global VPN Client is not possible, you can use the SonicWALL L2TP Server to provide secure access to resources behind the SonicWALL security appliances.

You can use Layer 2 Tunneling Protocol (L2TP) to create a VPN over public networks such as the Internet. L2TP is an extension of PPTP and L2F that combines the best of both protocols, and it provides interoperability between different VPN vendors that those protocols do not. L2TP is supported on the Microsoft Windows 2000 operating system.

L2TP supports several of the authentication options supported by PPP, including Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Microsoft Challenge Handshake Authentication Protocol (MS-CHAP). You can use L2TP to authenticate the endpoints of a VPN tunnel to provide additional security, and you can implement it with IPsec to provide a secure, encrypted VPN solution.

Note
For more complete information on configuring the L2TP Server, see the technote Configuring the L2TP Server in SonicOS located on the SonicWALL documentation site: http://www.sonicwall.com/us/Support.html

Configuring the L2TP Server

The VPN > L2TP Server page provides the settings for configuring the SonicWALL security appliance as an L2TP Server.

To configure the L2TP Server, follow these steps:

1. To enable L2TP Server functionality on the SonicWALL security appliance, select Enable L2TP Server. Then click Configure to display the L2TP Server Configuration window.
2. Enter the number of seconds in the Keep alive time (secs) field to send special packets to keep the connection open. The default is 60 seconds.
3. Enter the IP address of your first DNS server in the DNS Server 1 field. If you have a second DNS server, type the IP address in the DNS Server 2 field.
4. Enter the IP address of your first WINS server in the WINS Server 1 field. If you have a second WINS server, type the IP address in the WINS Server 2 field.
5. Select IP address provided by RADIUS Server if a RADIUS Server provides IP addressing information to the L2TP clients.
6. If the L2TP Server provides IP addresses, select Use the Local L2TP IP pool. Enter the range of private IP addresses in the Start IP and End IP fields. The private IP addresses should be a range of IP addresses on the LAN.
7.
8. Click OK.

Currently Active L2TP Sessions

User Name - The user name assigned in the local user database or the RADIUS user database.
PPP IP - The source IP address of the connection.
Zone - The zone used by the L2TP client.
Interface - The interface used to access the L2TP Server, whether it is a VPN client or another SonicWALL security appliance.
Authentication - Type of authentication used by the L2TP client.
Host Name - The name of the L2TP client connecting to the L2TP Server.