Chapter 35 L2TP VPN
ZyWALL Series CLI Reference Guide
301
In firmware 5.0 and later, the Zyxel Device has a default policy route that forwards traffic from the VPN
interface to the WAN and applies SNAT. This default policy route is applied to all VPN profiles in the zone
VPN_To_WAN_SNAT. VPN_To_WAN_SNAT is a hidden zone and does not appear in the Web Configurator
or when listing zones in the CLI.
Note: The Web Configurator automatically adds a VPN profile to zone VPN_To_WAN_SNAT
when you enable setting “Allow Traffic Through WAN Zone”. In the CLI, you must add
each VPN
profiles to the VPN_To_WAN_SNAT zone manually.
35.5 L2TP VPN Commands
The following table describes the values required for some L2TP VPN commands. Other values are
discussed with the corresponding commands.
The following sections list the L2TP VPN commands.
Table 159 Input Values for L2TP VPN Commands
LABEL DESCRIPTION
address_objec
t
The name of an IP address (group) object. You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number. This value is case-
sensitive.
interface_nam
e
The name of the interface.
Ethernet interface: For some Zyxel Device models, use gex, x = 1 - N, where N equals the
highest numbered Ethernet interface for your Zyxel Device model.
For other Zyxel Device models, use a name such as wan1, wan2, opt, lan1, or dmz.
VLAN interface: vlanx, x = 0 - 4094
bridge interface: brx, x = 0 - N, where N depends on the number of bridge interfaces your
Zyxel Device model supports.
ppp_interface
PPPoE/PPTP interface: pppx, x = 0 - N, where N depends on the number of PPPoE/PPTP
interfaces your Zyxel Device model supports.
map_name
The name of an IPSec SA. You may use 1-31 alphanumeric characters, underscores(_), or
dashes (-), but the first character cannot be a number. This value is case-sensitive.
user_name
The name of a user (group). You may use 1-31 alphanumeric characters, underscores(_), or
dashes (-), but the first character cannot be a number. This value is case-sensitive.
domain_name
Fully-qualified domain name. You may use up to 254 alphanumeric characters, dashes (-), or
periods (.), but the first character cannot be a period.
profile_name
The name of an L2TP VPN account. You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number. This value is case-
sensitive.
To Next Page
Loading...
