Jump to content
  • EN

Template:Networking rutxxx configuration examples l2tp pover ipsec windows: Difference between revisions

← Older edit
VisualWikitext
No edit summary
No edit summary
 
(5 intermediate revisions by the same user not shown)
Line 21: Line 21:
'''Configuration scheme''':
'''Configuration scheme''':


[[File:{{{file_scheme}}}]]
[[File:{{{file_scheme}}}|border|class=tlt-border]]


The figure above depicts the L2TP/IPsec scheme. - The router with the Public IP address (''RUT1'') acts as the L2TP/IPsec server and the '''Windows 10 device''' acts as client. L2TP connects the networks of ''RUT1'' and ''Windows 10 client'' and IPsec provides the encryption for the L2TP tunnel.
The figure above depicts the L2TP/IPsec scheme. - The router with the Public IP address (''RUT1'') acts as the L2TP/IPsec server and the '''Windows 10 device''' acts as client. L2TP connects the networks of ''RUT1'' and ''Windows 10 client'' and IPsec provides the encryption for the L2TP tunnel.
Line 31: Line 31:
If you have familiarized yourself with the configuration scheme and have all of the devices in order, we can start configuring the routers using instructions provided in this section. To summarize, we'll be configuring an L2TP server and an IPsec Transport instance (server) on ''RUT1''; an a ''Windows 10 VPN connection (client).''
If you have familiarized yourself with the configuration scheme and have all of the devices in order, we can start configuring the routers using instructions provided in this section. To summarize, we'll be configuring an L2TP server and an IPsec Transport instance (server) on ''RUT1''; an a ''Windows 10 VPN connection (client).''


===L2TP Server (RUT1)===
===L2TP Server===
----
First, you'll need to configure an L2TP server instance on your router. Adhere to the instructions below for guidance.
----
----
* Login to the router's WebUI and navigate to the <b>Services → VPN → L2TP</b> page and do the following
<ul>
<ul>
     <li>Select <i>Role: Server</i>.</li>
     <li>Login to the router's WebUI and navigate to the <b>Services → VPN → L2TP</b> page and do the following:
    <li>Enter a <i>custom configuration name</i>.</li>
        <ol>
    <li>Click the 'Add New' button.</li>
            <li>Select <i>Role: Server</i>.</li>
    <li>Click the 'Edit' button next to the newly created L2TP instance.</li>
            <li>Enter a <i>custom configuration name</i>.</li>
            <li>Click the <i>Add New</i> button.</li>
            <li>Click the <i>Edit</i> button next to the newly created L2TP instance.</li>
        </ol>[[File:{{{file_1}}}|border|class=tlt-border]]
    </li>
----
    <li>Configure the L2TP server instance:</li>
        <ol>
            <li><i>Enable</i> the L2TP instance.</li>
            <li>Enter a <i>User name</i> and <i>Password</i> for authentication for the client.</li>
            <li>Optionaly, set a fixed IP for this client (if left empty, client will receive first free IP from the IP range).</li>
            <li>Don't forget to <i>Save</i> the changes.</li>
        </ol>[[File:{{{file_2}}}|border|class=tlt-border]]
    </li>
</ul>
</ul>


[[File:{{{file_add_new}}}|border|class=tlt-border]]
===IPsec===
----
Next, you must configure a working IPsec Transport connection. This subsection contains instructions on how to do just that. Other used parameters will be defaults; you can find explanations for those parameters in the '''[[{{{name}}}_VPN#IPsec|VPN manual page, IPsec section]]'''.
----
<ul>
    <li>Go to the <b>Services → VPN → IPsec</b> page and do the following:
        <ol>
            <li>Enter a custom name for the IPsec instance.</li>
            <li>Click the <i>Add</i> button.</li>
            <li>Click the <i>Edit</i> button next to the newly created instance.</li>
        </ol>[[File:{{{file_3}}}|border|class=tlt-border]]
    </li>
----
----
*Enter a custom name for your IPsec instance and click the "Add" button.
    <li>In the IPsec Configuration page, do the following (and leave the rest as defaults, unless your specific configuration requires otherwise):
[[File:L2TPWIN10-02.png|border|class=tlt-border]]
        <ol>
*Then click the "Edit" button located next to the newly created instance after which you will redirected to that instance's configuration window.
            <li>Enable the instance.</li>
[[File:L2TPWIN10-03.png|border|class=tlt-border]]
            <li>Select <i>Type: Transport</i> and save changes.</li>
<li>Adhere to the configurations presented in the figure below:</li>
        </ol>[[File:{{{file_4}}}|border|class=tlt-border]]
[[File:L2TPWIN10-04.png|border|class=tlt-border]]
    </li>
 
===IPsec===
----
----
You must configure a working IPsec Transport connection. This subsection contains instructions on how to do just that. Other used parameters will be defaults; You can find explanations for those parameters in the '''[[VPN#IPsec|VPN manual page, IPsec section]]'''.
    <li>After having saved the changes, you will be redirected back to the main IPsec page. While there, locate the <b>Pre-shared Keys</b> section and do the following:
        <ol>
            <li>Click the <i>Add</i> button.</li>
            <li>Enter your <i>Pre-shared key</i>.</li>
            <li>Enter <i>%any</i> under <i>Secret's ID selector</i>.</li>
            <li>Click the <i>Save</i> button.</li>
        </ol>[[File:{{{file_5}}}|border|class=tlt-border]]
    </li>
</ul>


<li>Go to '''Services --> VPN --> IPsec.''' Enter a name for your IPsec instance and click '''ADD'''.</li>
==Windows 10 client Configuration==


[[File:L2TPWIN10-05.png|border|class=tlt-border]]<br>
Finally, configure the L2TP/IPsec client on your Windows 10 computer.
<li>Your instance will appear like in the example and then press '''Edit.'''</li>
----
[[File:L2TPWIN10-06.png|border|class=tlt-border]]<br>
<ul>
<ul>
<div>'''1.''' Enable instance.</div>
    <li>Type <i>VPN setting</i> in the Windows search bar:<br>[[File:{{{file_6}}}|border|class=tlt-border]]</li>
<div>'''2.''' Select Type (Transport).</div>
----
<div>'''3.''' Leave other settings as default and press Save.</div>
    <li>Click the <i>Add a VPN connection</i> button:<br>[[File:{{{file_7}}}|border|class=tlt-border]]</li>
</ul>
----
[[File:L2TPWIN10-07.png|border|class=tlt-border]]<br>
    <li>Configure the following parameters:
<li>Then go back to the IPsec overview window.
        <ol>
            <li>Select <i>VPN provider: WIndows (built-in)</i>.</li>
            <li>Enter a custom <i>Connection name</i>.</li>
            <li>Enter the router's WAN IP address into the <i>Server name or address</i> field.</li>
            <li>Select <i>VPN type: L2TP/IPsec with pre-shared key</i>.</li>
            <li>Enter the <i>Pre-shared key</i> exactly as it was specified on the router.</li>
            <li>Select <i>Type of sign-in info: User name and password</i>.</li>
            <li>Enter the <i>User name</i> and <i>Password</i> exactly as they were specified on the router.</li></li>
            <li>Click <i>Save</i></li>
        </ol>[[File:{{{file_8}}}|border|class=tlt-border]]
    </li>
----
    <li>After you are redirected back to the VPN settings page, locate your new connection and click the <i>Connect</i> button. If the connection was successful, you should see the word "connected" appear under the connection name:<br>[[File:{{{file_9}}}|border|class=tlt-border]]</li>
<ul>
<ul>
<div>'''1.''' Press Add Pre-shared Keys (it should appear like in the example).</div>
<div>'''2.''' Create Pre-shared Key.</div>
<div>'''3.''' Write Secret’s ID selector (%any or users public IP address).</div>
<div>'''4.''' Press '''Save'''</div>
</ul>
</li>
[[File:L2TPWIN10-08.png|border|class=tlt-border|color=black]]


==Windows 10 client Configuration==
==Testing the configuration==
<li>Write VPN in the search bar and then open VPN settings.</li>
[[File:L2TPWIN10-09.png|border|class=tlt-border]]
<li>Then press Add VPN connection</li>
[[File:L2TPWIN10-10.png|border|class=tlt-border]]


<ul>
Open the Windows <b>Command Prompt</b> and attempt to ping router's L2TP address:
<div>'''1.''' Create Connection name.</div>
<div>'''2.''' Write server’s IP address.</div>
[[File:{{{file_10}}}|border|class=tlt-border]]
<div>'''3.''' Select VPN type (L2TP/IPsec with pre-shared key).</div>
<div>'''4.''' Write Pre-shared key (write the password you created in the IPsec settings).</div>
<div>'''5.''' Select Type of sign-in info (User name and password).</div>
<div>'''6.''' Write Username (write the username you created in the L2TP settings).</div>
<div>'''7.''' Write Password (write the password you created in the L2TP settings).</div>
<div>'''8.''' Press Save.</div>
</ul>


[[File:L2TPWIN10-11.png|border|class=tlt-border|800px]]
If your computer is receiving replies, then the L2TP/IPsec connection was a success.
<li>Try connecting VPN server.</li>
[[File:L2TPWIN10-12.png|border|class=tlt-border]]
<li>It should show Connected.</li>
[[File:L2TPWIN10-13.png|border|class=tlt-border]]
<li>From computer, try to ping remote VPN endpoint by using CMD and ping command.</li>
[[File:L2TPWIN10-14.png|border|class=tlt-border]]


==See also==
==See also==


* Other types of VPNs suported by RUTxxx devices:
* Other types of VPNs supported by {{{name}}} devices:
** [[L2TP configuration examples]]
** [[L2TP configuration examples]]
** [[IPsec configuration examples]]
** [[IPsec configuration examples]]
Retrieved from "https://wiki.teltonika-networks.com/view/Template:Networking_rutxxx_configuration_examples_l2tp_pover_ipsec_windows"