Application introduction
Enterprises need to provide secure tunnels so that employees on business trips and at remote workstations can reach the headquarters network and access internal resources from their terminals. With L2TP VPN, a terminal connects to the Internet through any access method, such as broadband, private network, 3G, or WLAN, then uses the VPN client to dial up and establish a secure tunnel with the headquarters router for data transmission.
This article describes how to build an L2TP server on the TL-ER7520G at the headquarters and access intranet resources by dialing in from the terminal.
Setting method
1. Set up an L2TP VPN server
[1] Add a VPN address pool
On the router's management page, click Object Management > IP Address Pool, then click to add the IP address pool range that is allocated to remote dialing clients:
[2] Set up user management
Click VPN > User Management and add the L2TP account and related parameters, selecting PC to site as the mode. Other parameters can be modified as needed.
Note: The local address is the address where the VPN client accesses the router. The maximum session setting allows this account to be used by multiple computers at the same time.
[3] Set up the L2TP server
Click VPN > L2TP > L2TP Server and set it as follows:
Note: The service interface is the interface connecting the router to the broadband. The VPN client uses the IP address of the interface or the bound domain name address for VPN dialing.
[4] Add NAPT rules
Click Transmission Control > NAT Set > NAPT and add the following NAPT rules:
Note: Enter the address of the VPN address pool in the source address range, and select an interface that can access the Internet.
The L2TP VPN server is now set up. Save the configuration.
2. Set up L2TP client dialing
Once the server is configured, a terminal that needs to access the intranet can dial in with the L2TP client that comes with its operating system. The L2TP client configuration method varies with the operating system. For details, refer to the L2TP dialing methods of the following operating systems:
After the client dials in successfully, the client information is displayed in the L2TP server tunnel information.
3. Access the network successfully
After the terminal dial-up connection succeeds, the corresponding entries are displayed under VPN > L2TP > Tunnel Information List, as shown in the following figure:
At this point, the L2TP VPN is successfully connected. The VPN client obtains the IP address assigned by the server and can directly use the IP address of the headquarters intranet to access resources such as internal computers and servers.