Chapter 17 L2TP VPN
ZyWALL (ZLD) CLI Reference Guide
17.4 L2TP VPN Commands
The following table describes the values required for some L2TP VPN commands. Other
values are discussed with the corresponding commands.

Table 59 Input Values for L2TP VPN Commands

| LABEL | DESCRIPTION |
| --- | --- |
| address_object | The name of an IP address (group) object. You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive. |
| interface_name | The name of the interface. Ethernet interface: gex, x = 1 - N, where N equals the highest numbered Ethernet interface for your ZyWALL model. VLAN interface: vlanx, x = 0 - 31. Bridge interface: brx, x = 0 - 11. |
| ppp_interface | PPPoE/PPTP interface: pppx, x = 0 - 11 |
| map_name | The name of an IPSec SA. You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive. |
| user_name | The name of a user (group). You may use 1-31 alphanumeric characters, underscores (_), or dashes (-), but the first character cannot be a number. This value is case-sensitive. |

The following sections list the L2TP VPN commands.

17.4.1 L2TP VPN Commands

This table lists the commands for L2TP VPN. You must use the configure terminal
command to enter the configuration mode before you can use these commands.
Table 60 L2TP VPN Commands

| COMMAND | DESCRIPTION |
| --- | --- |
| l2tp-over-ipsec recover default-ipsec-policy | If the default L2TP IPSec policy has been deleted, use this command to recreate it (with the default settings). |
| [no] l2tp-over-ipsec activate; | Turns L2TP VPN on. The no command turns it off. |
| l2tp-over-ipsec crypto map_name | Specifies the IPSec VPN connection the ZyWALL uses for L2TP VPN. It must meet the requirements listed in Section 17.2 on page 111. Note: Modifying this VPN connection (or the VPN gateway that it uses) disconnects any existing L2TP VPN sessions. |
| l2tp-over-ipsec pool address-object | Specifies the address object that defines the pool of IP addresses that the ZyWALL uses to assign to the L2TP VPN clients. |
| l2tp-over-ipsec authentication aaa authentication profile_name | Specifies how the ZyWALL authenticates a remote user before allowing access to the L2TP VPN tunnel. The authentication method has the ZyWALL check a user's user name and password against the ZyWALL's local database, a remote LDAP, RADIUS, an Active Directory server, or more than one of these. |
| [no] l2tp-over-ipsec user user_name | Specifies the user or user group that can use the L2TP VPN tunnel. If you do not configure this, any user with a valid account and password on the ZyWALL can log in. The no command removes the user name setting. |
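
The following audit script is an added example, not part of the Zyxel guide or Zyxel's own tooling. It checks the l2tp-over-ipsec lines of a saved configuration against the Table 59 naming rule and flags an active L2TP VPN that has no `l2tp-over-ipsec user` restriction. It assumes the saved configuration lists these commands one per line in the form shown in Table 60; the object names and the profile name in the sample are constructed.

```python
import re

# Table 59 naming rule: 1-31 alphanumerics, underscores or dashes,
# and the first character cannot be a number.
NAME_RE = re.compile(r"[A-Za-z_-][A-Za-z0-9_-]{0,30}")
NAMED = ("crypto", "pool", "user")  # sub-commands that take a Table 59 name

def valid_name(name):
    return NAME_RE.fullmatch(name) is not None

def audit_l2tp(config_text):
    """Return findings for the l2tp-over-ipsec lines of a saved configuration."""
    active, names = False, {}
    for raw in config_text.splitlines():
        words = raw.strip().rstrip(";").split()
        negated = words[:1] == ["no"]
        if negated:
            words = words[1:]
        if len(words) < 2 or words[0] != "l2tp-over-ipsec":
            continue
        if words[1] == "activate":
            active = not negated
        elif words[1] in NAMED and negated:
            names.pop(words[1], None)       # the "no" form clears the setting
        elif words[1] in NAMED and len(words) == 3:
            names[words[1]] = words[2]
    if not active:
        return []                           # L2TP VPN is off, nothing to flag
    findings = [f"{key} name {value!r} breaks the Table 59 naming rule"
                for key, value in names.items() if not valid_name(value)]
    if "user" not in names:
        findings.append("no 'l2tp-over-ipsec user' set: any user with a valid "
                        "account and password on the ZyWALL can use the tunnel")
    return findings

# Constructed sample: the pool name starts with a digit, no user restriction.
SAMPLE = """\
l2tp-over-ipsec crypto L2TP_CONN
l2tp-over-ipsec pool 9pool
l2tp-over-ipsec authentication aaa authentication default
l2tp-over-ipsec activate
"""

if __name__ == "__main__":
    for finding in audit_l2tp(SAMPLE):
        print(finding)
```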